Introduction to OWASP's Zed Attack Proxy - Web Application Penetration Testing
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the powerful OWASP Zed Attack Proxy (ZAP) in this comprehensive 58-minute tutorial. Dive into this free, open-source integrated penetration testing tool for identifying vulnerabilities in web applications, comparable to commercial alternatives like IBM AppScan and HP WebInspect. Learn about ZAP's features, its recent developments, and how to leverage it effectively. Follow along with hands-on demonstrations using purposefully insecure web applications. Cover essential topics including installation, getting started, scanning websites, working with contexts, fuzzing, automated tests, the ZAP Marketplace, and advanced features like Zest, breakpoints, and scripting. Gain valuable insights into web application security testing and enhance your penetration testing skills with this OWASP volunteer-maintained tool.
Syllabus
Intro
The Goal
About Me
Who is ZAP for
Demo
Apps
Documentation
Installing ZAP
Getting started with ZAP
Using ZAP
Logging in
Scanning the site
Contexts
Context
Fuzzing
Can Tests
The Marketplace
Conclusion
QA
Zest
Breakpoints
Scripting
Taught by
OWASP Foundation
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent