FileUpload addon fires 450 requests in insane mode #11
Labels
Comments
preetkaran20
added
enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
As there are too many requests this Addon fires so we need a way to categorize so that users can choose a suitable category for their application and only test for that category.
Describe the solution you'd like
One simple solution is having Attack vectors mentioned in the Options Panel and the user can choose the Attack vectors like HtaccessFileUpload or SimpleJSPFIleUpload (Names can be shown a little better) and only those attack vectors only execute.
E.g:
Code references
Options panel UI: https://github.com/SasanLabs/owasp-zap-fileupload-addon/blob/main/src/main/java/org/sasanlabs/fileupload/ui/FileUploadOptionsPanel.java
Attack vector: https://github.com/SasanLabs/owasp-zap-fileupload-addon/blob/main/src/main/java/org/sasanlabs/fileupload/attacks/FileUploadAttackExecutor.java#L47
Testing code changes
build the addon by running
Then go to the ZAP -> File -> Local addon file -> Navigate to project -> build -> bin -> fileupload*.zap and done.
The text was updated successfully, but these errors were encountered: