Overview
Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the OWASP Zed Attack Proxy (ZAP) in this 57-minute conference talk by Simon Bennetts at LASCON 2012. Learn about basic penetration testing techniques, ZAP's release history, and its core principles. Discover how ZAP is used across different countries and gain insights into its additional features. Watch a live demonstration covering various aspects such as attack history, search expressions, breakpoints, active scanning, brute force attacks, and more. Understand how to work with anti-CSRF tokens, perform fuzzing, and manage alerts including false positives. Dive into security testing practices, session management, and community involvement. Conclude with a comprehensive summary of ZAP's capabilities and its significance in web application security testing.
Syllabus
Introduction
Simons Statement
Basic Pen Testing Techniques
Release history
Principles
Countries
Information
Additional Features
Demo
Attack
History
Search
Expressions
Breakpoints
History and Sites
Active Scan
Stop It
Brute Force
Other Features
Contact Us
AntiCSRF Token
Fuzzing
Searching
Active Scanning
Testing
Alerts
False positives
Ignore alerts
Save session
Open session
Community
Security Testing
Summary Conclusions
Taught by
LASCON