AISeen
Audit your site
/OverviewSEO ScoreGEO ScoreAEO ScoreSecurityPentest DefenseVibe ScoreZAP ScanSpeed & PerformanceTech StackGitHub AnalyzerFAQChrome Extension🏆 Leaderboard/Blog

ZAP Security Scan (Pro) — OWASP Passive Scan — AISeen Docs

Pro Feature

How AISeen runs OWASP ZAP passive scan: real HTTP traffic, 150+ rules, cookie issues, mixed content, CORS, and security header violations.

Available on Pro & Agency plans

ZAP scan requires running an OWASP ZAP Docker container as a proxy for the browser session. This provides deeper analysis than our free header scan but requires dedicated infrastructure — available on paid plans.

View Pro plans

How the ZAP scan works

  1. 01

    Browser session starts

    A headless Chromium browser navigates to your URL with OWASP ZAP running as an HTTP proxy.

  2. 02

    Passive traffic analysis

    ZAP intercepts all HTTP requests and responses without modifying them (passive mode — zero risk of breaking your site).

  3. 03

    150+ rules applied

    Each request/response pair is evaluated against OWASP's passive scanner rules — checking headers, cookies, content, and patterns.

  4. 04

    Alerts generated

    Findings are categorized by risk level: High, Medium, Low, and Informational.

  5. 05

    Report delivered

    You receive a structured report with each alert, its description, evidence, and recommended fix.

What ZAP finds

🔒

Missing Security Headers

Real browser-level check for all OWASP required headers.

🍪

Cookie Issues

Flags each cookie missing Secure, HttpOnly, or SameSite flags.

🔀

Mixed Content

HTTP resources (images, scripts, fonts) loaded on HTTPS pages.

🌐

CORS Issues

Overly permissive CORS headers detected in real responses.

💬

Information Leakage

Server version strings, error messages, debug information.

📦

Cache Control

Sensitive pages lacking Cache-Control: no-store, no-cache.

🖼️

Content Type Issues

Responses without proper Content-Type or charset declaration.

CSP Weaknesses

Overly permissive CSP policies (unsafe-inline, unsafe-eval, *).

🔑

Authentication Headers

Missing or weak WWW-Authenticate and related auth signals.

📡

Private IP Disclosure

Internal IP addresses or RFC 1918 addresses leaked in headers.

Alert risk levels

High Risk

Direct attack vectors that can lead to data theft, account takeover, or full site compromise.

Examples:

  • Missing HSTS on HTTPS site
  • CSP not present
  • Cookies without Secure flag on login form
Medium Risk

Issues that require specific conditions to exploit but represent meaningful security gaps.

Examples:

  • X-Content-Type-Options missing
  • Referrer-Policy absent
  • Anti-clickjacking header not set
Low Risk

Low-priority issues that contribute to defense-in-depth but are rarely exploited directly.

Examples:

  • Cache-Control not set on sensitive page
  • Timestamp disclosure
  • X-XSS-Protection absent
Informational Risk

Not vulnerabilities, but findings worth reviewing for completeness and best practice compliance.

Examples:

  • Server header present (without version)
  • Session cookie without HttpOnly
  • Modern browser compatibility

ZAP scan vs. basic security check

FeatureBasic (Free)ZAP (Pro)
Header analysisStatic — reads headers from one responseDynamic — full browser session, all pages
Cookie inspectionChecks Set-Cookie headers on homepage onlyChecks all cookies across multiple requests
Mixed contentNot detectedDetected via real browser rendering
CORS testingReads Allow-Origin header valueSends actual CORS probes with Origin headers
Rule coverage~8 header rules150+ OWASP passive rules
AvailabilityAll plansPro & Agency plans only

ZAP Security Scan (Pro) — OWASP Passive Scan — AISeen Docs

How AISeen runs OWASP ZAP passive scan: real HTTP traffic, 150+ rules, cookie issues, mixed content, CORS, and security header violations.

Audit your site free →