diff --git a/site/data/charts/check-for-updates.json b/site/data/charts/check-for-updates.json index 3bfdd8841..3551f2844 100644 --- a/site/data/charts/check-for-updates.json +++ b/site/data/charts/check-for-updates.json @@ -96,6 +96,7 @@ ["2023-06-01", 13, 103, 39, 984, 828, 1680, 6592, 9348, 3795, 25282, 16244, 2793847, 92756, 509910, 325873, 0, 0, ""], ["2023-07-01", 9, 99, 58, 1195, 551, 1516, 6748, 9692, 3345, 24430, 14575, 2633856, 91920, 764883, 324122, 0, 0, ""], ["2023-08-01", 11, 29, 76, 1103, 337, 1314, 7079, 8981, 3059, 24628, 12296, 2907470, 87266, 849890, 141427, 116011, 263156, ""], - ["2023-09-01", 9, 31, 61, 955, 414, 1198, 7181, 7337, 2402, 23421, 11682, 3029185, 97153, 116364, 128419, 257047, 574399, ""] + ["2023-09-01", 9, 31, 61, 955, 414, 1198, 7181, 7337, 2402, 23421, 11682, 3029185, 97153, 116364, 128419, 257047, 574399, ""], + ["2023-10-01", 11, 92, 34, 1400, 392, 1632, 7115, 6802, 2583, 22685, 11819, 2919086, 11832, 6194, 9322, 29415, 82661, ""] ] } diff --git a/site/data/charts/container-last-month.json b/site/data/charts/container-last-month.json index 1393f7788..c7e63b64d 100644 --- a/site/data/charts/container-last-month.json +++ b/site/data/charts/container-last-month.json @@ -1,19 +1,17 @@ { - "title": "News Pings by Container in August 2023", - "description": "The number of News pings from ZAP by container in August 2023", + "title": "News Pings by Container in September 2023", + "description": "The number of News pings from ZAP by container in September 2023", "data": [ ["Container", "Count"], - ["zap2docker-stable", 1883809], - ["None", 536855], - ["zap2docker-weekly", 88842], - ["zap2docker-bare", 47964], - ["Unknown", 29689], - ["zap2docker-live", 18669], - ["snapcraft", 5319], - ["zap2docker-stable.webswing", 2629], - ["flatpak", 1050], - ["zap2docker-weekly.webswing", 87], - ["conquest/zap-weekly", 65], - ["zap2docker-live.webswing", 9] + ["zap2docker-stable", 278643], + ["None", 63984], + ["zap2docker-weekly", 11082], + ["Unknown", 4409], + ["zap2docker-live", 3026], + ["zap2docker-bare", 1470], + ["snapcraft", 524], + ["zap2docker-stable.webswing", 278], + ["flatpak", 120], + ["zap2docker-weekly.webswing", 14] ] } diff --git a/site/data/charts/countries-desktop-last-month.json b/site/data/charts/countries-desktop-last-month.json index 0f47fa5c8..4560c724e 100644 --- a/site/data/charts/countries-desktop-last-month.json +++ b/site/data/charts/countries-desktop-last-month.json @@ -1,27 +1,27 @@ { - "title": "Desktop News Pings by Country in August 2023", - "description": "The number of News pings from ZAP Desktops by country in August 2023", + "title": "Desktop News Pings by Country in September 2023", + "description": "The number of News pings from ZAP Desktops by country in September 2023", "data": [ ["Country", "Count"], - ["US", 29844], - ["IN", 28782], - ["JP", 10553], - ["BR", 7910], - ["ID", 6509], - ["GB", 6383], - ["CN", 6302], - ["DE", 5992], - ["TW", 5954], - ["FR", 4836], - ["RU", 4770], - ["CO", 3944], - ["CA", 3843], - ["MX", 3651], - ["AU", 3586], - ["NL", 3471], - ["VN", 3264], - ["ES", 3246], - ["PL", 3197], - ["IT", 2812] + ["IN", 3812], + ["US", 2953], + ["JP", 1407], + ["BR", 1048], + ["CN", 876], + ["GB", 857], + ["ID", 840], + ["DE", 790], + ["TW", 752], + ["RU", 634], + ["FR", 628], + ["NL", 595], + ["AU", 497], + ["MX", 479], + ["PL", 445], + ["IT", 444], + ["LK", 433], + ["CO", 429], + ["ES", 422], + ["PH", 369] ] } diff --git a/site/data/charts/countries-last-month.json b/site/data/charts/countries-last-month.json index 7857513ec..2140b641a 100644 --- a/site/data/charts/countries-last-month.json +++ b/site/data/charts/countries-last-month.json @@ -1,27 +1,27 @@ { - "title": "News Pings by Country in August 2023", - "description": "The number of News pings from ZAP by country in August 2023", + "title": "News Pings by Country in September 2023", + "description": "The number of News pings from ZAP by country in September 2023", "data": [ ["Country", "Count"], - ["US", 892690], - ["GR", 792994], - ["DE", 84134], - ["AU", 83171], - ["SG", 79910], - ["IE", 76120], - ["GB", 57420], - ["AM", 54478], - ["NL", 53675], - ["IN", 48205], - ["CH", 43265], - ["SE", 39648], - ["PT", 31145], - ["FR", 25798], - ["JP", 20809], - ["RU", 16182], - ["BR", 14350], - ["ES", 12124], - ["TW", 11720], - ["CN", 11364] + ["GR", 144695], + ["US", 100807], + ["AU", 14435], + ["DE", 11709], + ["IE", 10299], + ["AM", 8699], + ["GB", 8503], + ["IN", 6531], + ["NL", 6432], + ["SE", 5811], + ["PT", 4883], + ["FR", 4138], + ["JP", 3792], + ["SG", 2570], + ["RU", 2528], + ["BR", 2341], + ["ES", 1424], + ["FI", 1371], + ["TW", 1204], + ["CA", 1200] ] } diff --git a/site/data/charts/docker.json b/site/data/charts/docker.json index 5187e92fe..f2adf21bb 100644 --- a/site/data/charts/docker.json +++ b/site/data/charts/docker.json @@ -77,6 +77,7 @@ ["2023-06-01", 4738, 743044, 178675, 3077, ""], ["2023-07-01", 5027, 682706, 174526, 2964, ""], ["2023-08-01", 4803, 745849, 173582, 2799, ""], - ["2023-09-01", 4384, 833175, 174885, 2593, ""] + ["2023-09-01", 4384, 833175, 174885, 2593, ""], + ["2023-10-01", 4371, 621957, 172010, 1852, ""] ] } diff --git a/site/data/charts/downloads.json b/site/data/charts/downloads.json index 5e4cef878..36a88a3b4 100644 --- a/site/data/charts/downloads.json +++ b/site/data/charts/downloads.json @@ -94,6 +94,7 @@ ["2023-06-01", 0, 0, 0, 0, 490, 3028, 2253, 580, 3123, 66717, 0, ""], ["2023-07-01", 0, 0, 0, 0, 443, 3022, 2062, 757, 3146, 62964, 0, ""], ["2023-08-01", 0, 0, 0, 0, 436, 3062, 1786, 634, 3103, 23596, 50372, ""], - ["2023-09-01", 0, 0, 0, 0, 440, 2899, 1761, 600, 3294, 3149, 70730, ""] + ["2023-09-01", 0, 0, 0, 0, 440, 2899, 1761, 600, 3294, 3149, 70730, ""], + ["2023-10-01", 0, 0, 0, 0, 472, 2748, 1818, 666, 3341, 3128, 67810, ""] ] } diff --git a/site/data/charts/headline.yaml b/site/data/charts/headline.yaml index f3ce586e1..70c12bcc0 100644 --- a/site/data/charts/headline.yaml +++ b/site/data/charts/headline.yaml @@ -1,5 +1,5 @@ -month: August 2023 -zap_runs: 2,614,987 -zap_ascans: 1,020,704 -zap_alerts: 1,112,282,777 -zap_attacks: 2,748,488,718 +month: September 2023 +zap_runs: 363,550 +zap_ascans: 151,724 +zap_alerts: 160,396,704 +zap_attacks: 389,634,583 diff --git a/site/data/charts/os-desktop-last-month.json b/site/data/charts/os-desktop-last-month.json index 21aa3d29d..05179756a 100644 --- a/site/data/charts/os-desktop-last-month.json +++ b/site/data/charts/os-desktop-last-month.json @@ -1,13 +1,12 @@ { - "title": "Desktop News Pings by OS in August 2023", - "description": "The number of News pings from ZAP Desktops by OS in August 2023", + "title": "Desktop News Pings by OS in September 2023", + "description": "The number of News pings from ZAP Desktops by OS in September 2023", "data": [ ["OS", "Count"], - ["Windows", 103100], - ["Kali", 57496], - ["Linux", 39471], - ["MacOS", 19271], - ["BackBox", 602], - ["Unknown", 29] + ["Windows", 12631], + ["Kali", 8089], + ["Linux", 4758], + ["MacOS", 2193], + ["BackBox", 77] ] } diff --git a/site/data/charts/os-last-month.json b/site/data/charts/os-last-month.json index b14e74f87..9a652bbf7 100644 --- a/site/data/charts/os-last-month.json +++ b/site/data/charts/os-last-month.json @@ -1,13 +1,12 @@ { - "title": "News Pings by OS in August 2023", - "description": "The number of News pings from ZAP by OS in August 2023", + "title": "News Pings by OS in September 2023", + "description": "The number of News pings from ZAP by OS in September 2023", "data": [ ["OS", "Count"], - ["Linux", 2322311], - ["Kali", 149288], - ["Windows", 122319], - ["MacOS", 20438], - ["BackBox", 602], - ["Unknown", 29] + ["Linux", 322091], + ["Kali", 24312], + ["Windows", 14705], + ["MacOS", 2365], + ["BackBox", 77] ] } diff --git a/site/data/charts/top_addons_last_month.yaml b/site/data/charts/top_addons_last_month.yaml index de4c2e297..779418252 100644 --- a/site/data/charts/top_addons_last_month.yaml +++ b/site/data/charts/top_addons_last_month.yaml @@ -3,19 +3,19 @@ - id: "requester" - id: "database" - id: "spider" -- id: "pscanrulesBeta" - id: "authhelper" +- id: "pscanrulesBeta" - id: "ascanrulesBeta" -- id: "pscanrulesAlpha" - id: "accessControl" - id: "portscan" -- id: "plugnhack" - id: "sequence" -- id: "ascanrulesAlpha" +- id: "plugnhack" +- id: "pscanrulesAlpha" - id: "custompayloads" +- id: "ascanrulesAlpha" - id: "sqliplugin" -- id: "fuzzdb" - id: "wappalyzer" +- id: "fuzzdb" +- id: "jwt" - id: "jython" - id: "directorylistv2_3" -- id: "jwt" diff --git a/site/data/charts/top_ascan_rules_last_month.yaml b/site/data/charts/top_ascan_rules_last_month.yaml index 1b0e001d4..d39ed067a 100644 --- a/site/data/charts/top_ascan_rules_last_month.yaml +++ b/site/data/charts/top_ascan_rules_last_month.yaml @@ -2,240 +2,240 @@ - id: 10104 name: "User Agent Fuzzer" status: "release" - alerts: "33303697" - fps: 0.118 - num: 139703 - time: 125 + alerts: "2700397" + fps: 0.155 + num: 14151 + time: 75 + +- id: 10095 + name: "Backup File Disclosure" + status: "beta" + alerts: "208948" + fps: 0.114 + num: 11871 + time: 25 - id: 90027 name: "Cookie Slack Detector" status: "beta" - alerts: "609010" - fps: 0.003 - num: 47098 - time: 43 + alerts: "61580" + fps: 0.0 + num: 5255 + time: 10 - id: 40025 name: "Proxy Disclosure" status: "beta" - alerts: "566483" + alerts: "60150" + fps: 0.0 + num: 5378 + time: 54 + +- id: 40024 + name: "SQL Injection - SQLite" + status: "release" + alerts: "29754" + fps: 0.001 + num: 26173 + time: 54 + +- id: 0 + name: "Directory Browsing" + status: "release" + alerts: "26775" fps: 0.0 - num: 47513 - time: 61 + num: 31029 + time: 33 - id: 40035 name: "Hidden File Found" status: "release" - alerts: "374746" - fps: 0.003 - num: 191078 - time: 89 + alerts: "25919" + fps: 0.007 + num: 19415 + time: 55 -- id: 10095 - name: "Backup File Disclosure" +- id: 90028 + name: "Insecure HTTP Method" status: "beta" - alerts: "305441" - fps: 0.644 - num: 75913 - time: 46 - -- id: 40024 - name: "SQL Injection - SQLite" - status: "release" - alerts: "257332" - fps: 0.002 - num: 226170 - time: 65 + alerts: "21016" + fps: 0.0 + num: 5330 + time: 10 - id: 20012 name: "Anti-CSRF Tokens Check" status: "beta" - alerts: "228853" - fps: 1.209 - num: 49504 - time: 14 + alerts: "19876" + fps: 0.233 + num: 5527 + time: 10 - id: 40018 name: "SQL Injection" status: "release" - alerts: "203268" - fps: 0.154 - num: 289514 - time: 236 + alerts: "19100" + fps: 0.162 + num: 32203 + time: 90 - id: 40040 name: "CORS Header" status: "beta" - alerts: "177052" - fps: 0.259 - num: 50695 - time: 47 + alerts: "16791" + fps: 0.618 + num: 5859 + time: 24 + +- id: 40012 + name: "Cross Site Scripting (Reflected)" + status: "release" + alerts: "16757" + fps: 0.008 + num: 21572 + time: 201 - id: 90017 name: "XSLT Injection" status: "release" - alerts: "166994" + alerts: "16418" fps: 0.0 - num: 235652 - time: 91 + num: 23452 + time: 70 -- id: 0 - name: "Directory Browsing" +- id: 6 + name: "Path Traversal" status: "release" - alerts: "143996" - fps: 0.0 - num: 276682 - time: 49 + alerts: "14039" + fps: 0.009 + num: 28293 + time: 171 - id: 40032 name: ".htaccess Information Leak" status: "release" - alerts: "134542" + alerts: "13830" fps: 0.0 - num: 274852 - time: 12 + num: 30859 + time: 11 -- id: 40012 - name: "Cross Site Scripting (Reflected)" +- id: 90024 + name: "Generic Padding Oracle" status: "release" - alerts: "130501" - fps: 0.004 - num: 216622 - time: 101 + alerts: "11137" + fps: 0.0 + num: 19110 + time: 23 - id: 40021 name: "SQL Injection - Oracle" status: "release" - alerts: "113863" + alerts: "10339" fps: 0.0 - num: 198162 - time: 67 + num: 19781 + time: 65 -- id: 6 - name: "Path Traversal" +- id: 10047 + name: "HTTPS Content Available via HTTP" + status: "beta" + alerts: "7906" + fps: 0.0 + num: 11883 + time: 40 + +- id: 10058 + name: "GET for POST" status: "release" - alerts: "94937" - fps: 0.022 - num: 249599 - time: 245 + alerts: "7324" + fps: 0.0 + num: 29243 + time: 10 -- id: 40019 - name: "SQL Injection - MySQL" +- id: 7 + name: "Remote File Inclusion" status: "release" - alerts: "93782" + alerts: "7297" fps: 0.0 - num: 229198 - time: 70 + num: 32260 + time: 82 - id: 30001 name: "Buffer Overflow" status: "release" - alerts: "90161" + alerts: "6741" fps: 0.0 - num: 201715 - time: 18 + num: 20020 + time: 33 -- id: 90028 - name: "Insecure HTTP Method" +- id: 40019 + name: "SQL Injection - MySQL" + status: "release" + alerts: "6613" + fps: 0.0 + num: 26526 + time: 51 + +- id: 30003 + name: "Integer Overflow Error" status: "beta" - alerts: "89948" + alerts: "4556" fps: 0.0 - num: 47586 - time: 18 + num: 5416 + time: 12 - id: 10051 name: "Relative Path Confusion" status: "beta" - alerts: "75326" + alerts: "4178" fps: 0.0 - num: 49083 - time: 14 + num: 5501 + time: 16 -- id: 40020 - name: "SQL Injection - Hypersonic SQL" +- id: 40027 + name: "SQL Injection - MsSQL" status: "release" - alerts: "69113" + alerts: "3730" fps: 0.0 - num: 197537 - time: 71 + num: 23025 + time: 53 -- id: 10047 - name: "HTTPS Content Available via HTTP" +- id: 40038 + name: "Bypassing 403" status: "beta" - alerts: "62272" - fps: 0.0 - num: 76133 - time: 8 + alerts: "3655" + fps: 0.002 + num: 5641 + time: 15 -- id: 10058 - name: "GET for POST" +- id: 40020 + name: "SQL Injection - Hypersonic SQL" status: "release" - alerts: "56494" + alerts: "3486" fps: 0.0 - num: 258128 - time: 14 + num: 19732 + time: 62 - id: 40022 name: "SQL Injection - PostgreSQL" status: "release" - alerts: "56030" + alerts: "3449" fps: 0.0 - num: 227165 - time: 59 + num: 26300 + time: 45 - id: 90034 name: "Cloud Metadata Potentially Exposed" status: "release" - alerts: "53597" - fps: 0.007 - num: 218280 - time: 7 + alerts: "3207" + fps: 0.037 + num: 25613 + time: 2 - id: 90020 name: "Remote OS Command Injection" status: "release" - alerts: "52333" - fps: 0.0 - num: 246549 - time: 178 - -- id: 90036 - name: "Server Side Template Injection (Blind)" - status: "beta" - alerts: "47419" - fps: 0.0 - num: 186425 - time: 53 - -- id: 40038 - name: "Bypassing 403" - status: "beta" - alerts: "40738" - fps: 0.0 - num: 49429 - time: 57 - -- id: 90024 - name: "Generic Padding Oracle" - status: "release" - alerts: "37548" - fps: 0.004 - num: 191105 - time: 21 - -- id: 30003 - name: "Integer Overflow Error" - status: "beta" - alerts: "35824" - fps: 0.0 - num: 48786 - time: 24 - -- id: 7 - name: "Remote File Inclusion" - status: "release" - alerts: "35188" + alerts: "3064" fps: 0.0 - num: 292148 - time: 128 + num: 24096 + time: 162 diff --git a/site/data/charts/top_false_positives_last_month.yaml b/site/data/charts/top_false_positives_last_month.yaml index 8fa89fa5d..d70fc2018 100644 --- a/site/data/charts/top_false_positives_last_month.yaml +++ b/site/data/charts/top_false_positives_last_month.yaml @@ -1,4 +1,8 @@ --- +- id: 10096 + name: "Timestamp Disclosure" + status: "release" + type: "Passive" - id: 10027 name: "Information Disclosure - Suspicious Comments" status: "release" @@ -7,22 +11,22 @@ name: "Cross-Domain Misconfiguration" status: "release" type: "Passive" -- id: 10050 - name: "Retrieved from Cache" - status: "release" - type: "Passive" - id: 10021 name: "X-Content-Type-Options Header Missing" status: "release" type: "Passive" -- id: 10096 - name: "Timestamp Disclosure" +- id: 10050 + name: "Retrieved from Cache" status: "release" type: "Passive" - id: 10035 name: "Strict-Transport-Security Header" status: "release" type: "Passive" +- id: 90033 + name: "Loosely Scoped Cookie" + status: "release" + type: "Passive" - id: 10104 name: "User Agent Fuzzer" status: "release" @@ -35,10 +39,6 @@ name: "Absence of Anti-CSRF Tokens" status: "release" type: "Passive" -- id: 90033 - name: "Loosely Scoped Cookie" - status: "release" - type: "Passive" - id: 10017 name: "Cross-Domain JavaScript Source File Inclusion" status: "release" @@ -47,35 +47,35 @@ name: "Content Security Policy (CSP) Header Not Set" status: "release" type: "Passive" -- id: 10055 - name: "CSP" - status: "release" - type: "Passive" - id: 10109 name: "Modern Web Application" status: "release" type: "Passive" -- id: 20012 - name: "Anti-CSRF Tokens Check" - status: "beta" - type: "Active" - id: 10095 name: "Backup File Disclosure" status: "beta" type: "Active" +- id: 10055 + name: "CSP" + status: "release" + type: "Passive" - id: 10015 name: "Re-examine Cache-control Directives" status: "release" type: "Passive" +- id: 10063 + name: "Permissions Policy Header Not Set" + status: "beta" + type: "Passive" - id: 10010 name: "Cookie No HttpOnly Flag" status: "release" type: "Passive" -- id: 90003 - name: "Sub Resource Integrity Attribute Missing" - status: "beta" +- id: 10020 + name: "Anti-clickjacking Header" + status: "release" type: "Passive" -- id: 10054 - name: "Cookie without SameSite Attribute" +- id: 10062 + name: "PII Disclosure" status: "release" type: "Passive" diff --git a/site/data/charts/zaptype-last-month.json b/site/data/charts/zaptype-last-month.json index cfc92aa78..a9a542a57 100644 --- a/site/data/charts/zaptype-last-month.json +++ b/site/data/charts/zaptype-last-month.json @@ -1,10 +1,10 @@ { - "title": "News Pings by ZAP Run Type in August 2023", - "description": "The number of News pings from ZAP by run type in August 2023", + "title": "News Pings by ZAP Run Type in September 2023", + "description": "The number of News pings from ZAP by run type in September 2023", "data": [ ["ZAPtype", "Count"], - ["cmdline", 1538679], - ["daemon", 856339], - ["desktop", 219969] + ["cmdline", 242703], + ["daemon", 93099], + ["desktop", 27748] ] }