[Owasp-leaders] Plug-n-Hack and Zest

Abraham Aranguren abraham.aranguren at owasp.org
Sun Aug 25 21:15:24 UTC 2013

Yes this is a great idea: Zest will make security tools integrate
better, which essentially means we will be able to join forces more
OWASP OWTF supports Plug-n-Hack now and my AppSec EU talk was updated to
reflect this (slides:
Zest integration is also in our issue tracker as an upcoming feature:

The AppSec EU OWASP leader meet-up was probably one of the best things
of the whole conference and I seriously believe that most open source
projects can learn a lot from both Mozilla and ZAP.

Great work Simon and Yvan, keep that coming :)

Thank you everybody,


On 08/24/2013 03:42 PM, Abhi M Balakrishnan wrote:
> That is really a wonderful news Simon.
> This will make it easy to make ZAP work more efficiently with OWASP
> Mantra too. I look forward to see OWASP ZAP as a golden standard in
> web application security testing worldwide.
> Warm Regards,
> Abhi M Balakrishnan
> Project Leader at OWASP Mantra <http://www.getmantra.com/> and OWASP
> Bricks <http://sechow.com/bricks/>
> On Sat, Aug 24, 2013 at 6:18 PM, psiinon <psiinon at gmail.com
> <mailto:psiinon at gmail.com>> wrote:
>     In my ZAP talk at AppSec EU (slides here:
>     http://www.slideshare.net/psiinon/owasp-2013-appseceu) I announced
>     2 new security related technologies from the Mozilla Security
>     Team: Plug-n-Hack and Zest.
>     I demonstrated both working with ZAP, but these are not tied to
>     ZAP - we want them both to be adopted as widely as possible and
>     have therefore designed and implemented them to be tool independent.
>     Plug-n-Hack (PnH) is a proposed standard defining how security
>     tools can interact with browsers in a more useful and usable way:
>     https://blog.mozilla.org/security/2013/08/22/plug-n-hack/
>     We've already had confirmation that PnH will be adopted by Burp,
>     Kali and OWASP OWTF :)
>     Zest is an experimental specialized scripting language intended to
>     be used in web oriented security tools:
>     https://developer.mozilla.org/en-US/docs/zest
>     If you are interested in using PnH or Zest in any of your
>     projects/tools (OWASP or otherwise) then please give me a shout
>     and I'll try and help as much as I can.
>     And these are open source projects, so anyone can get involved
>     developing them :)
>     Cheers,
>     Simon
>     -- 
>     OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>     _______________________________________________
>     OWASP-Leaders mailing list
>     OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

More information about the OWASP-Leaders mailing list