Modern web #apps are very prevalent these days, and by “#modern” we mean web apps which make heavy use of JavaScript in the browser (a.k.a. the client).

These apps are challenging for all security tools, including #ZAP. Historically ZAP has been a #MitM proxy which means it can see all of the communications between the browser and the target app, but it has not been able to see what is going on in the browser.

https://www.zaproxy.org/blog/2023-11-03-handling-modern-web-apps-better-part1/

Handling Modern Web Apps Better - Part 1

Introducing a new add-on which allows ZAP (and you) to see what is going on in the browser.

^{www.zaproxy.org}