Explore the powerful OWASP Zed Attack Proxy (ZAP) in this comprehensive 58-minute tutorial. Dive into this free, open-source integrated penetration testing tool for identifying vulnerabilities in web applications, comparable to commercial alternatives like IBM AppScan and HP WebInspect. Learn about ZAP's features, its recent developments, and how to leverage it effectively. Follow along with hands-on demonstrations using purposefully insecure web applications. Cover essential topics including installation, getting started, scanning websites, working with contexts, fuzzing, automated tests, the ZAP Marketplace, and advanced features like Zest, breakpoints, and scripting. Gain valuable insights into web application security testing and enhance your penetration testing skills with this OWASP volunteer-maintained tool.
Introduction to OWASP's Zed Attack Proxy - Web Application Penetration Testing
Overview
Syllabus
Intro
The Goal
About Me
Who is ZAP for
Demo
Apps
Documentation
Installing ZAP
Getting started with ZAP
Using ZAP
Logging in
Scanning the site
Contexts
Context
Fuzzing
Can Tests
The Marketplace
Conclusion
QA
Zest
Breakpoints
Scripting
Taught by
OWASP Foundation
Related Courses
-
Getting Started with OWASP Zed Attack Proxy (ZAP) for Web Application Penetration Testing
-
Web Application Security Testing with OWASP ZAP
-
OWASP Zed Attack Proxy: Latest Features and Developments - Lecture
-
An Introduction to ZAP - The OWASP Zed Attack Proxy
-
OWASP ZAP Advanced Features for Web Application Security Testing
-
Zed Attack Proxy - Introduction to Web Application Security Testing
