Security Testing: Using OpenAPI 3.0 with OWASP ZAP

So, right now you can’t really do that right off the bat.

Existing GitHub issue

There is an existing GitHub issue asking for OpenAPI 3.0 support on OWASP ZAP, but currently (at the time of writing) that is still open:

First, you’ll need to get OWASP ZAP

Then, get the OpenAPI support plugin

Here’s a post that explains API exploration via OWASP ZAP:

OpenAPI 3.0 to Swagger 2.0

You can use this API Spec Converter tool for conversion:

Leave a comment

Time limit is exhausted. Please reload the CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.