Explore the new Heads Up Display feature of OWASP Zed Attack Proxy (ZAP) in this conference talk from AppSecUSA 2018. Discover how this popular free security tool can automatically detect vulnerabilities in web applications during development and testing phases. Learn about ZAP's capabilities for both automated and manual security testing, with a focus on the innovative Heads Up Display. Follow along as David Scrobonia demonstrates key features, including enabling hidden fields, attack mode, page alert icons, and scripting. Gain insights into the SAP API, understand how the Heads Up Display works under the hood, and explore its source code and service worker implementation. Whether you're a developer, tester, or experienced pentester, this talk offers valuable knowledge to enhance your web application security practices.
ZAP Heads Up Display - Introduction and Demo
Overview
Syllabus
Introduction
Demo
Show Enable Hidden Fields
Attack Mode
Page Alert Icons
Scripting
SAP API
How it Works
Source Code
Service Worker
Taught by
OWASP Foundation
Related Courses
-
How to Use ZAP and ZAP HUD for Web Application Testing - LevelUp 0x04
-
Creating Accessible Security Testing with ZAP - AppSecCali 2019 Lightning Talk
-
Introduction to OWASP's Zed Attack Proxy - Web Application Penetration Testing
-
An Introduction to ZAP - The OWASP Zed Attack Proxy
-
OWASP Zed Attack Proxy: Latest Features and Developments - Lecture
-
OWASP ZAP Advanced Features for Web Application Security Testing
