The Diagnostics tab will contain a summary of the requests and responses sent and received as part of the authentication testing. It is recommended that you do not perform any other operations in ZAP while testing the authentication otherwise that may result in unrelated messages being recorded.
Only the absolute minimum information is recorded, and host name and parameter values are replaced by safe tokens.
-You can copy all of the date to the clipboard and review it to make sure it does not include any sensitive data
+You can copy all of the data and review it to make sure it does not include any sensitive data
before you share it with us.
Is ZAP fails to detect either the Username or Password field then we will need more details about the login page.
If you can share that with us then it will it much easier to debug.
diff --git a/docs/statistics/index.xml b/docs/statistics/index.xml
index f843e5fce0..c1a76ec9c9 100644
--- a/docs/statistics/index.xml
+++ b/docs/statistics/index.xml
@@ -40,7 +40,7 @@
/docs/statistics/top-addons-last-month/
Mon, 01 Jan 0001 00:00:00 +0000/docs/statistics/top-addons-last-month/
- These were the most frequently installed optional add-ons last month.
Note that this does not mean they were the most used add-ons - that is harder to quantify.
Position Add-On Status Id Last Updated 1 Import/Export beta exim 2023-11-10 2 Database alpha database 2023-10-12 3 Requester beta requester 2023-10-12 4 Spider release spider 2023-12-19 5 Authentication Helper beta authhelper 2023-10-12 6 Passive scanner rules (beta) beta pscanrulesBeta 2023-09-08 7 Postman Support alpha postman 2023-10-12 8 Active scanner rules (beta) beta ascanrulesBeta 2023-09-08 9 Access Control Testing alpha accessControl 2023-09-08 10 Port Scanner beta portscan 2022-10-27 11 Sequence alpha sequence 2023-10-23 12 Plug-n-Hack Configuration beta plugnhack 2022-10-27 13 Passive scanner rules (alpha) alpha pscanrulesAlpha 2023-09-08 14 Active scanner rules (alpha) alpha ascanrulesAlpha 2023-09-08 15 Custom Payloads beta custompayloads 2023-11-10 16 Wappalyzer - Technology Detection release wappalyzer 2024-01-03 17 Advanced SQLInjection Scanner beta sqliplugin 2021-10-20 18 FuzzDB Files release fuzzdb 2022-09-23 19 Community Scripts alpha communityScripts 2023-06-28 20 JWT Support alpha jwt 2023-01-02
+ These were the most frequently installed optional add-ons last month.
Note that this does not mean they were the most used add-ons - that is harder to quantify.
Position Add-On Status Id Last Updated 1 Import/Export beta exim 2023-11-10 2 Database alpha database 2023-10-12 3 Requester beta requester 2023-10-12 4 Spider release spider 2023-12-19 5 Authentication Helper beta authhelper 2024-01-10 6 Passive scanner rules (beta) beta pscanrulesBeta 2023-09-08 7 Postman Support alpha postman 2023-10-12 8 Active scanner rules (beta) beta ascanrulesBeta 2023-09-08 9 Access Control Testing alpha accessControl 2023-09-08 10 Port Scanner beta portscan 2022-10-27 11 Sequence alpha sequence 2023-10-23 12 Plug-n-Hack Configuration beta plugnhack 2022-10-27 13 Passive scanner rules (alpha) alpha pscanrulesAlpha 2023-09-08 14 Active scanner rules (alpha) alpha ascanrulesAlpha 2023-09-08 15 Custom Payloads beta custompayloads 2023-11-10 16 Wappalyzer - Technology Detection release wappalyzer 2024-01-03 17 Advanced SQLInjection Scanner beta sqliplugin 2021-10-20 18 FuzzDB Files release fuzzdb 2022-09-23 19 Community Scripts alpha communityScripts 2023-06-28 20 JWT Support alpha jwt 2023-01-02
diff --git a/docs/statistics/top-addons-last-month/index.html b/docs/statistics/top-addons-last-month/index.html
index d46beb3386..edfa8964f0 100644
--- a/docs/statistics/top-addons-last-month/index.html
+++ b/docs/statistics/top-addons-last-month/index.html
@@ -272,7 +272,7 @@
Top ZAP Add-Ons Last Month
authhelper
- 2023-10-12
+ 2024-01-10
diff --git a/index.xml b/index.xml
index 9536a3f6ae..e1993b6f8f 100644
--- a/index.xml
+++ b/index.xml
@@ -7748,7 +7748,7 @@ Any third party can sponsor anyone to work on ZAP Third parties can promote thei
/docs/statistics/top-addons-last-month/These were the most frequently installed optional add-ons last month.
Note that this does not mean they were the most used add-ons - that is harder to quantify.
-Position Add-On Status Id Last Updated 1 Import/Export beta exim 2023-11-10 2 Database alpha database 2023-10-12 3 Requester beta requester 2023-10-12 4 Spider release spider 2023-12-19 5 Authentication Helper beta authhelper 2023-10-12 6 Passive scanner rules (beta) beta pscanrulesBeta 2023-09-08 7 Postman Support alpha postman 2023-10-12 8 Active scanner rules (beta) beta ascanrulesBeta 2023-09-08 9 Access Control Testing alpha accessControl 2023-09-08 10 Port Scanner beta portscan 2022-10-27 11 Sequence alpha sequence 2023-10-23 12 Plug-n-Hack Configuration beta plugnhack 2022-10-27 13 Passive scanner rules (alpha) alpha pscanrulesAlpha 2023-09-08 14 Active scanner rules (alpha) alpha ascanrulesAlpha 2023-09-08 15 Custom Payloads beta custompayloads 2023-11-10 16 Wappalyzer - Technology Detection release wappalyzer 2024-01-03 17 Advanced SQLInjection Scanner beta sqliplugin 2021-10-20 18 FuzzDB Files release fuzzdb 2022-09-23 19 Community Scripts alpha communityScripts 2023-06-28 20 JWT Support alpha jwt 2023-01-02
+Position Add-On Status Id Last Updated 1 Import/Export beta exim 2023-11-10 2 Database alpha database 2023-10-12 3 Requester beta requester 2023-10-12 4 Spider release spider 2023-12-19 5 Authentication Helper beta authhelper 2024-01-10 6 Passive scanner rules (beta) beta pscanrulesBeta 2023-09-08 7 Postman Support alpha postman 2023-10-12 8 Active scanner rules (beta) beta ascanrulesBeta 2023-09-08 9 Access Control Testing alpha accessControl 2023-09-08 10 Port Scanner beta portscan 2022-10-27 11 Sequence alpha sequence 2023-10-23 12 Plug-n-Hack Configuration beta plugnhack 2022-10-27 13 Passive scanner rules (alpha) alpha pscanrulesAlpha 2023-09-08 14 Active scanner rules (alpha) alpha ascanrulesAlpha 2023-09-08 15 Custom Payloads beta custompayloads 2023-11-10 16 Wappalyzer - Technology Detection release wappalyzer 2024-01-03 17 Advanced SQLInjection Scanner beta sqliplugin 2021-10-20 18 FuzzDB Files release fuzzdb 2022-09-23 19 Community Scripts alpha communityScripts 2023-06-28 20 JWT Support alpha jwt 2023-01-02
diff --git a/search/index.json b/search/index.json
index 99ee13b304..6a2f7ab2a4 100644
--- a/search/index.json
+++ b/search/index.json
@@ -2205,7 +2205,7 @@
"keywords": ["","authentication","dialog","tester"],
"tags": null,
"summary": "Authentication Tester Dialog This dialog allows you to test if ZAP can authenticate and automatically handle the session handling and verification for a site given only the login page and credentials.\nFields The following fields are provided:\nLogin URL The URL of the login page. It is mandatory and must start with \u0026ldquo;http://\u0026rdquo; or \u0026ldquo;https://\u0026rdquo;.",
- "content": "authentication tester dialog allows you test zap can authenticate automatically handle session handling verification site given only login page credentials fields following provided: url mandatory must start http: https: does not have sites tree accessible context name which will configured already exists then deleted recreated username use password valid work browser choose need installed able launched from time wait seconds number after submitting form before closing closed application has loaded may identify find suitable demo mode just adds second delays between filling each field other effect than making easier see what going when nonheadless used results panel show progress been identified all elements order diagnostics tab contain summary requests responses sent received part testing recommended that do perform any operations while otherwise result unrelated messages being recorded absolute minimum information host parameter values replaced by safe tokens copy date clipboard review make sure include sensitive data share us fails detect either we more details about much debug detects both required please diagnostic hopefully diagnose whats wrong "
+ "content": "authentication tester dialog allows you test zap can authenticate automatically handle session handling verification site given only login page credentials fields following provided: url mandatory must start http: https: does not have sites tree accessible context name which will configured already exists then deleted recreated username use password valid work browser choose need installed able launched from time wait seconds number after submitting form before closing closed application has loaded may identify find suitable demo mode just adds second delays between filling each field other effect than making easier see what going when nonheadless used results panel show progress been identified all elements order diagnostics tab contain summary requests responses sent received part testing recommended that do perform any operations while otherwise result unrelated messages being recorded absolute minimum information host parameter values replaced by safe tokens copy data review make sure include sensitive share us fails detect either we more details about much debug detects both required please diagnostic hopefully diagnose whats wrong "
},
{
"url": "/docs/desktop/start/features/authstrategies/",
@@ -6260,8 +6260,8 @@
"title": "Top ZAP Add-Ons Last Month",
"keywords": ["","add-ons","last","month","top","zap"],
"tags": null,
- "summary": "These were the most frequently installed optional add-ons last month.\nNote that this does not mean they were the most used add-ons - that is harder to quantify.\nPosition Add-On Status Id Last Updated 1 Import/Export beta exim 2023-11-10 2 Database alpha database 2023-10-12 3 Requester beta requester 2023-10-12 4 Spider release spider 2023-12-19 5 Authentication Helper beta authhelper 2023-10-12 6 Passive scanner rules (beta) beta pscanrulesBeta 2023-09-08 7 Postman Support alpha postman 2023-10-12 8 Active scanner rules (beta) beta ascanrulesBeta 2023-09-08 9 Access Control Testing alpha accessControl 2023-09-08 10 Port Scanner beta portscan 2022-10-27 11 Sequence alpha sequence 2023-10-23 12 Plug-n-Hack Configuration beta plugnhack 2022-10-27 13 Passive scanner rules (alpha) alpha pscanrulesAlpha 2023-09-08 14 Active scanner rules (alpha) alpha ascanrulesAlpha 2023-09-08 15 Custom Payloads beta custompayloads 2023-11-10 16 Wappalyzer - Technology Detection release wappalyzer 2024-01-03 17 Advanced SQLInjection Scanner beta sqliplugin 2021-10-20 18 FuzzDB Files release fuzzdb 2022-09-23 19 Community Scripts alpha communityScripts 2023-06-28 20 JWT Support alpha jwt 2023-01-02 ",
- "content": "these were most frequently installed optional addons last month note that does not mean they used harder quantify position addon status id updated importexport beta exim 20231110 database alpha 20231012 requester spider release 20231219 authentication helper authhelper passive scanner rules pscanrulesbeta 20230908 postman support active ascanrulesbeta access control testing accesscontrol 10 port portscan 20221027 11 sequence 20231023 12 plugnhack configuration 13 pscanrulesalpha 14 ascanrulesalpha 15 custom payloads custompayloads 16 wappalyzer technology detection 20240103 17 advanced sqlinjection sqliplugin 20211020 18 fuzzdb files 20220923 19 community scripts communityscripts 20230628 20 jwt 20230102 "
+ "summary": "These were the most frequently installed optional add-ons last month.\nNote that this does not mean they were the most used add-ons - that is harder to quantify.\nPosition Add-On Status Id Last Updated 1 Import/Export beta exim 2023-11-10 2 Database alpha database 2023-10-12 3 Requester beta requester 2023-10-12 4 Spider release spider 2023-12-19 5 Authentication Helper beta authhelper 2024-01-10 6 Passive scanner rules (beta) beta pscanrulesBeta 2023-09-08 7 Postman Support alpha postman 2023-10-12 8 Active scanner rules (beta) beta ascanrulesBeta 2023-09-08 9 Access Control Testing alpha accessControl 2023-09-08 10 Port Scanner beta portscan 2022-10-27 11 Sequence alpha sequence 2023-10-23 12 Plug-n-Hack Configuration beta plugnhack 2022-10-27 13 Passive scanner rules (alpha) alpha pscanrulesAlpha 2023-09-08 14 Active scanner rules (alpha) alpha ascanrulesAlpha 2023-09-08 15 Custom Payloads beta custompayloads 2023-11-10 16 Wappalyzer - Technology Detection release wappalyzer 2024-01-03 17 Advanced SQLInjection Scanner beta sqliplugin 2021-10-20 18 FuzzDB Files release fuzzdb 2022-09-23 19 Community Scripts alpha communityScripts 2023-06-28 20 JWT Support alpha jwt 2023-01-02 ",
+ "content": "these were most frequently installed optional addons last month note that does not mean they used harder quantify position addon status id updated importexport beta exim 20231110 database alpha 20231012 requester spider release 20231219 authentication helper authhelper 20240110 passive scanner rules pscanrulesbeta 20230908 postman support active ascanrulesbeta access control testing accesscontrol 10 port portscan 20221027 11 sequence 20231023 12 plugnhack configuration 13 pscanrulesalpha 14 ascanrulesalpha 15 custom payloads custompayloads 16 wappalyzer technology detection 20240103 17 advanced sqlinjection sqliplugin 20211020 18 fuzzdb files 20220923 19 community scripts communityscripts 20230628 20 jwt 20230102 "
},
{
"url": "/docs/alerts/40029/",
@@ -6669,7 +6669,7 @@
"keywords": ["","marketplace","zap"],
"tags": null,
"summary": "ZAP Marketplace contains ZAP add-ons which have been written by the ZAP team and the community. The add-ons help to extend the functionalities of ZAP. If you are using the latest version of ZAP then you can browse and download add-ons from within ZAP by clicking on this button in the toolbar:",
- "content": "zap marketplace contains addons which have been written by team community help extend functionalities you using latest version then can browse download from within clicking button toolbar: also import that downloaded manually via file load addon menu option desktop name id status author last updated access control testing adds set tools web applications accesscontrol alpha dev 20230908 active scanner rules release ascanrules 59 20231207 ascanrulesalpha 44 beta ascanrulesbeta 48 advanced sqlinjection injection bundle sqli derived sqlmap sqliplugin 15 andrea pompili yhawke 20211020 ajax spider allows sites make heavy use javascript crawljax spiderajax 23180 20231110 alert filters automate changing risk levels alertfilters 19 20231116 all one notes simple extension view pane allinonenotes david vassallo 20211007 attack surface detector analyzes application source code generate endpoints used penetration attacksurfacedetector 114 secure decisions matthew deletto 20190307 authentication helper helps identify up handling authhelper 0100 20231012 statistics records logged inout contexts scope authstats automation framework 0340 beanshell console provides browser render html responses like browserview 20230313 bug tracker bugtracker 20220923 call graph user selected resources callgraph colm o39flaherty home handles calls services callhome 20231103 client side integration exposes information firefox chrome extensions 070 20231201 dx includes request response data xml reports ability upload directly server codedx inc collection: pentester pack collection ideal pentesters packpentester 010 20220512 scan just containing packscanrules 001 20220513 common library other commonlib 1200 scripts useful communityscripts 17 20230628 core language files translations corelang 20220214 custom payloads add edit remove ie scanners custompayloads 0130 database engines related infrastructure 030 development 040 20231219 diff displays dialog showing differences between requests uses diffutils diffmatchpatch 14 directory list v10 names forced fuzzer directorylistv1 v23 lists directorylistv23 lc lower case directorylistv23lc dom xss rule domxss 18 aabha biyani encoder encodedecodehash support scripted processors 140 eval villain when launched evalvillain dennis goodlett 20230926 fileupload detect them find vulnerabilities 121 ksasan preetkaran20gmailcom 20231023 browsing directories owasp dirbuster tool bruteforce fuzzdb offensive backdoors manual fuzzdboffensive 20210611 fuzz 13120 getting started guide short gettingstarted 16 graalvm engine scripting graaljs 050 graphql inspect 0220 groovy 310 arabic helparsa crowdin 20220118 bosnian helpbsba 20180208 chinese simplified helpzhcn english filipino helpfilph french helpfrfr 10 indonesian helpidid japanese helpjajp malay helpmsmy portuguese brazilian helpptbr 11 russian helpruru 20220224 spanish helpeses turkish helptrtr highlighter highlight strings tabs hud heads display 0180 image location privacy passive imagelocationscanner jay ball veggiespam importexport export functionality exim 080 thatsn0tmysite invoke external passing context such urls parameters json shows messages nicely formatted jsonview juha kiveks 20230907 jwt 103 20230102 kotlin 110 stackhawk engineering levoai build openapi specs traffic 020 20221226 linux webdrivers webdriverlinux 69 20240103 macos webdrivermacos map local mapping content chosen maplocal keindel andrey maksimov 20231005 neonmarker colors history table items based tags 160 kingthorin 20230817 network networking capabilities 20231117 oast exploit outofband 0170 online menus onlinemenu 12 imports spiders definitions 38 plus joanna bona nathalie bouchahine artur grzesica mohammad kamar markus kiss michal materniak marcin spiewak sda se open industry solutions parameter digger hidden unlinked finding cache poisoning paramdigger arkaprabha chakraborty 20230606 pscanrules 53 20231130 pscanrulesalpha 41 pscanrulesbeta 35 plugnhack configuration supports mozilla standard: https:developermozillaorgenusdocsplugnhack 13 20221027 port target portscan postman collections python templates included jython quick start tab quickly test quickstart 43 reflect finds reflected 0011 caleb kinney 20210219 regular expression tester expressions regextester replacer easy way replace report generation official 0270 requester send 740 surikato retest presenceabsence previously generated alerts retirejs retire 0290 nikita mundhada reveal show fields enable disabled revisit site any time past session ruby jruby saml 20221028 script jsr 223 languages selenium webdriver provider htmlunit 15160 sequence gives possibility defining scanned serversent events sse communication soap scans wsdl 21 alberto albertov91 automatically uris svn svndigger tips tricks token analysis analyze pseudo random tokens those csrf protection tokengen treetools tree carl sampson value generator define field values submitting app added modified enableddisabled deleted formhandler 650 viewstate aspjsf decoder editor calum hutton wappalyzer technology detection wappalyzer: wappalyzercom 21290 websockets websocket 30 windows webdriverwindows zest graphical security zaps macro steroids "
+ "content": "zap marketplace contains addons which have been written by team community help extend functionalities you using latest version then can browse download from within clicking button toolbar: also import that downloaded manually via file load addon menu option desktop name id status author last updated access control testing adds set tools web applications accesscontrol alpha dev 20230908 active scanner rules release ascanrules 59 20231207 ascanrulesalpha 44 beta ascanrulesbeta 48 advanced sqlinjection injection bundle sqli derived sqlmap sqliplugin 15 andrea pompili yhawke 20211020 ajax spider allows sites make heavy use javascript crawljax spiderajax 23180 20231110 alert filters automate changing risk levels alertfilters 19 20231116 all one notes simple extension view pane allinonenotes david vassallo 20211007 attack surface detector analyzes application source code generate endpoints used penetration attacksurfacedetector 114 secure decisions matthew deletto 20190307 authentication helper helps identify up handling authhelper 0110 20240110 statistics records logged inout contexts scope authstats automation framework 0340 beanshell console provides browser render html responses like browserview 20230313 bug tracker bugtracker 20220923 call graph user selected resources callgraph colm o39flaherty home handles calls services callhome 0100 20231103 client side integration exposes information firefox chrome extensions 070 20231201 dx includes request response data xml reports ability upload directly server codedx inc collection: pentester pack collection ideal pentesters packpentester 010 20220512 scan just containing packscanrules 001 20220513 common library other commonlib 1200 scripts useful communityscripts 17 20230628 core language files translations corelang 20220214 custom payloads add edit remove ie scanners custompayloads 0130 database engines related infrastructure 030 20231012 development 050 diff displays dialog showing differences between requests uses diffutils diffmatchpatch 14 directory list v10 names forced fuzzer directorylistv1 v23 lists directorylistv23 lc lower case directorylistv23lc dom xss rule domxss 18 aabha biyani encoder encodedecodehash support scripted processors 140 eval villain when launched evalvillain dennis goodlett 20230926 fileupload detect them find vulnerabilities 121 ksasan preetkaran20gmailcom 20231023 browsing directories owasp dirbuster tool bruteforce fuzzdb offensive backdoors manual fuzzdboffensive 20210611 fuzz 13120 getting started guide short gettingstarted 16 graalvm engine scripting graaljs graphql inspect 0220 20231219 groovy 310 arabic helparsa crowdin 20220118 bosnian helpbsba 20180208 chinese simplified helpzhcn english filipino helpfilph french helpfrfr 10 indonesian helpidid japanese helpjajp malay helpmsmy portuguese brazilian helpptbr 11 russian helpruru 20220224 spanish helpeses turkish helptrtr highlighter highlight strings tabs hud heads display 0180 image location privacy passive imagelocationscanner jay ball veggiespam importexport export functionality exim 080 thatsn0tmysite invoke external passing context such urls parameters json shows messages nicely formatted jsonview juha kiveks 20230907 jwt 103 20230102 kotlin 110 stackhawk engineering levoai build openapi specs traffic 020 20221226 linux webdrivers webdriverlinux 69 20240103 macos webdrivermacos map local mapping content chosen maplocal keindel andrey maksimov 20231005 neonmarker colors history table items based tags 160 kingthorin 20230817 network networking capabilities 20231117 oast exploit outofband 0170 online menus onlinemenu 12 imports spiders definitions 38 plus joanna bona nathalie bouchahine artur grzesica mohammad kamar markus kiss michal materniak marcin spiewak sda se open industry solutions parameter digger hidden unlinked finding cache poisoning paramdigger arkaprabha chakraborty 20230606 pscanrules 53 20231130 pscanrulesalpha 41 pscanrulesbeta 35 plugnhack configuration supports mozilla standard: https:developermozillaorgenusdocsplugnhack 13 20221027 port target portscan postman collections python templates included jython quick start tab quickly test quickstart 43 reflect finds reflected 0011 caleb kinney 20210219 regular expression tester expressions regextester replacer easy way replace report generation official 0270 requester send 740 surikato retest presenceabsence previously generated alerts retirejs retire 0290 nikita mundhada reveal show fields enable disabled revisit site any time past session ruby jruby saml 20221028 script jsr 223 languages selenium webdriver provider htmlunit 15160 sequence gives possibility defining scanned serversent events sse communication soap scans wsdl 21 alberto albertov91 automatically uris svn svndigger tips tricks token analysis analyze pseudo random tokens those csrf protection tokengen treetools tree carl sampson value generator define field values submitting app added modified enableddisabled deleted formhandler 650 viewstate aspjsf decoder editor calum hutton wappalyzer technology detection wappalyzer: wappalyzercom 21290 websockets websocket 30 windows webdriverwindows zest graphical security zaps macro steroids "
},
{
"url": "/docs/scans/firingrange/",
+