An Introduction to ZAP - The OWASP Zed Attack Proxy
Offered By: LASCON via YouTube
Course Description
Overview
Explore the OWASP Zed Attack Proxy (ZAP) in this 57-minute conference talk by Simon Bennetts at LASCON 2012. Learn about basic penetration testing techniques, ZAP's release history, and its core principles. Discover how ZAP is used across different countries and gain insights into its additional features. Watch a live demonstration covering various aspects such as attack history, search expressions, breakpoints, active scanning, brute force attacks, and more. Understand how to work with anti-CSRF tokens, perform fuzzing, and manage alerts including false positives. Dive into security testing practices, session management, and community involvement. Conclude with a comprehensive summary of ZAP's capabilities and its significance in web application security testing.
Syllabus
Introduction
Simons Statement
Basic Pen Testing Techniques
Release history
Principles
Countries
Information
Additional Features
Demo
Attack
History
Search
Expressions
Breakpoints
History and Sites
Active Scan
Stop It
Brute Force
Other Features
Contact Us
AntiCSRF Token
Fuzzing
Searching
Active Scanning
Testing
Alerts
False positives
Ignore alerts
Save session
Open session
Community
Security Testing
Summary Conclusions
Taught by
LASCON
Related Courses
Introduction to OWASP Top 10 Security RisksA Cloud Guru AWS SimuLearn: Cyber Security Threats
Amazon Web Services via AWS Skill Builder AWS SimuLearn: Edge Protection
Amazon Web Services via AWS Skill Builder Cloud Security Scanner: Qwik Start
Google via Google Cloud Skills Boost OWASP Top 10: Broken Access Control
Codecademy