We implemented this new method using OWASP ZAP detection policies. The method was tested against two benchmark vulnerable web applications, Mutillidae and WebGoat, and was shown to significantly ...