dynamic-application-security-testing
Dynamic Application Security Testing
This skill enables the agent to perform Dynamic Application Security Testing (DAST) against running web applications and APIs. Unlike static analysis, DAST interacts with the application at runtime — sending crafted HTTP requests, fuzzing input parameters, and analyzing responses to detect vulnerabilities such as SQL injection, cross-site scripting, server misconfigurations, broken authentication, and insecure API endpoints. The agent configures scan profiles, handles authenticated scanning, interprets results, and produces actionable remediation reports.
Workflow
- Define Target Scope and Scan Policy — Specify the target URL, application type (traditional web app, SPA, REST API, GraphQL), and scan boundaries. Define which paths and domains are in scope to prevent scanning unintended targets. Select a scan policy: passive-only for low-risk reconnaissance, active for full vulnerability probing, or API-specific for endpoint fuzzing.
- Configure Authentication — For applications behind a login, configure the scanner with valid credentials or session tokens. Set up form-based authentication by specifying the login URL, username/password fields, and a logged-in indicator string. For API testing, configure Bearer tokens, API keys, or OAuth flows so the scanner can reach authenticated endpoints.
- Execute the DAST Scan — Launch the scan using the selected tool (OWASP ZAP, Burp Suite, or Nuclei). The scanner first spiders the application to discover endpoints, then actively probes each endpoint with attack payloads. Monitor scan progress and resource consumption to avoid overwhelming the target environment.
- Analyze and Classify Findings — Review scan results and classify each finding by vulnerability type, severity (using CVSS), confidence level, and affected URL. Filter out informational noise and false positives by verifying that the reported response actually demonstrates the vulnerability.
- Generate Remediation Report — Produce a structured report containing each finding with the vulnerable URL, HTTP request/response evidence, severity rating, CWE identifier, OWASP category mapping, and specific remediation guidance. Export in HTML, JSON, or SARIF format for integration with issue trackers.
- Schedule Recurring Scans — Configure the scan to run on a regular schedule (e.g., nightly against staging) or trigger it on deployment to a QA environment. Compare results across scan runs to track remediation progress and detect newly introduced vulnerabilities.
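The "Analyze and Classify Findings" and "Schedule Recurring Scans" steps can be combined into one post-scan check. The following is an added example, not part of the original skill: it filters two scan reports by risk and confidence, then diffs them to list new, fixed, and still-open findings. The report layout, field names, target URL, and alert values are constructed and assumed to resemble OWASP ZAP's JSON report.

```python
BASE = "https://staging.example.test"  # constructed target, not from the page

def _alert(pid, name, risk, conf, cwe, path, param):
    """Build one constructed alert with a single GET instance."""
    return {"pluginid": pid, "alert": name, "riskcode": str(risk),
            "confidence": str(conf), "cweid": cwe,
            "instances": [{"uri": BASE + path, "method": "GET", "param": param}]}

# Constructed sample reports. The site -> alerts -> instances layout and the
# field names are assumed to follow OWASP ZAP's JSON report; adapt for other tools.
PREVIOUS = {"site": [{"alerts": [
    _alert("40018", "SQL Injection", 3, 2, "89", "/items?id=1", "id"),
    _alert("10038", "CSP Header Not Set", 2, 3, "693", "/", ""),
    _alert("10021", "X-Content-Type-Options Missing", 1, 2, "693", "/", ""),
]}]}
CURRENT = {"site": [{"alerts": [
    _alert("40012", "Cross Site Scripting (Reflected)", 3, 2, "79", "/search?q=a", "q"),
    _alert("10038", "CSP Header Not Set", 2, 3, "693", "/", ""),
    _alert("10021", "X-Content-Type-Options Missing", 1, 2, "693", "/", ""),
]}]}

def findings(report, min_risk=2, min_confidence=2):
    """Map a stable fingerprint to a summary for alerts at or above the thresholds."""
    out = {}
    for site in report.get("site", []):
        for alert in site.get("alerts", []):
            risk, conf = int(alert["riskcode"]), int(alert["confidence"])
            if risk < min_risk or conf < min_confidence:
                continue  # drop informational and low-confidence noise
            for inst in alert.get("instances", []):
                # Ignore the query string so changed values do not look like new findings.
                path = inst["uri"].split("?", 1)[0]
                key = (alert["pluginid"], inst["method"], path, inst.get("param", ""))
                out[key] = {"name": alert["alert"], "risk": risk, "cwe": alert.get("cweid")}
    return out

def compare(previous, current, **thresholds):
    """Classify fingerprints as new, fixed, or still open between two runs."""
    old, new = findings(previous, **thresholds), findings(current, **thresholds)
    return {"new": sorted(new.keys() - old.keys()),
            "fixed": sorted(old.keys() - new.keys()),
            "open": sorted(new.keys() & old.keys())}

if __name__ == "__main__":
    for status, keys in compare(PREVIOUS, CURRENT).items():
        for key in keys:
            print(status, *key)
```

A non-empty "new" list is a natural condition for failing a scheduled pipeline run, while "fixed" entries confirm remediation without manual re-testing.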
Supported Technologies