Update alert http links about zaproxy HOT 24 OPEN

Also if there are various alerts for a single rule it would be best to tackle them all at the same time in the same PR. (Ex: Tackle 90019*)

Edit: Which you did, perhaps unknowingly 😉

from zaproxy.

I've added a PR reference for those for which the Vulnerabilities.xml entry was adjusted but they still need examples and testing, so are not checked off (though maybe that's more 6119?).

from zaproxy.

IMO we should only check the ones that were already merged, and yes, the validation of refs should be left for other issue.

from zaproxy.

WASC is dead as far as I'm concerned so I'd suggest changing it to something else, or dropping it if you can't find something useful. When I was going through the vulnerabilities.xml changes I found that the OWASP CheetSheet project had good sources to replace WASC for a lot of things.

from zaproxy.

@thc202 Can I try https://www.zaproxy.org/docs/alerts/40013/

from zaproxy.

@jay3393 go for it!

from zaproxy.

@psiinon , i will like to work on some of this , after going through the code especially for https://www.zaproxy.org/docs/alerts/10019/
https://www.zaproxy.org/docs/alerts/10021/
i think we only need to change the message.properties file of respective alerts, am i right ?

from zaproxy.

Yes.

from zaproxy.

I would now work on https://www.zaproxy.org/docs/alerts/90019-2/

I will always edit this post when I finish or start the next one.

from zaproxy.

Better pick several and post a new comment, otherwise we will have to check the comment for edits (they don't raise notifications like new comments do).

from zaproxy.

i will work on:
https://www.zaproxy.org/docs/alerts/90011/ done
https://www.zaproxy.org/docs/alerts/20014/ done
https://www.zaproxy.org/docs/alerts/10035/ done

from zaproxy.

For 20014 please update the existing PR (if still open by then).

from zaproxy.

All the above done. General question: For some links, if you change them from HTTP to HTTPS, the link still works, but the certificate of the reference page is invalid because it is issued for the wrong domain (https://projects.webappsec.org/w/page/13246925/Fingerprinting)

Should the old reference be retained or replaced with a completely new one?

from zaproxy.

https://www.zaproxy.org/docs/alerts/3-1/ and https://www.zaproxy.org/docs/alerts/3-2/
are written 1 to 1 the same - shouldn't one of the two alerts be removed?

from zaproxy.

Yeah, it does look like these should be the same type of alerts, even though the detection code is slightly different. This would require a code change.
Thoughts @thc202 @kingthorin ?

from zaproxy.

It becomes a bigger issue to drop or renumber things. It could mess with people's alert filters.

I'd have to look at the code again to see the difference(s).

from zaproxy.

For my two cents leave it as-is for now.

from zaproxy.

I'm working through example alerts and refs in pscanrules over the weekend. I'll update the lists on both issues as I go.

from zaproxy.

Hello, @psiinon
It's Aditya again I would like to work on this issue

from zaproxy.

Reserved, go ahead :)

from zaproxy.

I'm working on
https://www.zaproxy.org/docs/alerts/40044/

from zaproxy.

Re: https://www.zaproxy.org/docs/alerts/10053/ I've checked it off as it's a deprecated rule.

Edit: Fixed on the site in zaproxy/zaproxy-website#2389

from zaproxy.

@psiinon ,
I am willing to work on https://www.zaproxy.org/docs/alerts/30003/.
if it isn't resolved.

from zaproxy.

It's not, now assigned to you.

from zaproxy.