id: zap-rest-api-detect

info:
  name: ZAP Rest API Server Running
  author: hahwul
  severity: info
  reference:
    - https://www.zaproxy.org/docs/api/
  metadata:
    max-request: 1
  tags: zap,tech

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: word
        part: response
        words:
          - '<title>ZAP API UI</title>'
          - 'Welcome to the OWASP Zed Attack Proxy (ZAP)'
          - 'Access-Control-Allow-Headers: ZAP-Header'
        condition: or
# digest: 490a0046304402201ba3c0fe363f13de37c078e2a2b2011e969a2137a2bede707069727f6a3fe8c40220445b502863ab785d195a68c23019dc6b9aae9c8df7b8be947cbadb94cdb4faf0:922c64590222798bb761d5b6d8e72950