Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

An Introduction to ZAP - The OWASP Zed Attack Proxy

LASCON via YouTube

Overview

Explore the OWASP Zed Attack Proxy (ZAP) in this 57-minute conference talk by Simon Bennetts at LASCON 2012. Learn about basic penetration testing techniques, ZAP's release history, and its core principles. Discover how ZAP is used across different countries and gain insights into its additional features. Watch a live demonstration covering various aspects such as attack history, search expressions, breakpoints, active scanning, brute force attacks, and more. Understand how to work with anti-CSRF tokens, perform fuzzing, and manage alerts including false positives. Dive into security testing practices, session management, and community involvement. Conclude with a comprehensive summary of ZAP's capabilities and its significance in web application security testing.

Syllabus

Introduction
Simons Statement
Basic Pen Testing Techniques
Release history
Principles
Countries
Information
Additional Features
Demo
Attack
History
Search
Expressions
Breakpoints
History and Sites
Active Scan
Stop It
Brute Force
Other Features
Contact Us
AntiCSRF Token
Fuzzing
Searching
Active Scanning
Testing
Alerts
False positives
Ignore alerts
Save session
Open session
Community
Security Testing
Summary Conclusions

Taught by

LASCON

Reviews

Start your review of An Introduction to ZAP - The OWASP Zed Attack Proxy

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.