Getting Started
Once you start ZAP you will see a Quick Start tab. Simply enter the URL of your web application and start the attack. ZAP will crawl all the URLs that match the domain you specified.
Once you start the attack, ZAP will crawl through your web application and record all URLs from your domain; it will skip URLs that point to other domains. In the second step it will run different attack scenarios against the URLs it found and record the results.
As you can see, this quick start (entering the URL and running the attack) is just a basic security check for your application. The spider only finds URLs that are linked from the initial page. To find more security vulnerabilities and do more thorough penetration testing, you have to reach more pages than the initial page.
For that you have to configure ZAP as a proxy and then record whatever scenarios you want: go to whatever pages you want and build a ZAP test script as you wish.
Configure ZAP as Proxy
To do this you configure a proxy setting in your browser, and the same proxy port must be configured in ZAP. When you browse your web application from your browser, ZAP listens and records the requests/traffic, and later you can play back what was recorded as an attack.
How to Configure Your Browser to Use Proxy
Go to Firefox > Options > Network > Settings. Tick "Manual proxy configuration" and enter the proxy port (e.g. 8090). Tick "Use this proxy server for all protocols" and save.
How to Configure ZAP as Proxy
Open ZAP -> Tools -> Options -> Local Proxy. Configure the address and port on which ZAP will listen for requests.
Address: localhost
Port: 8090
Once you browse the website, ZAP will automatically record the traffic. In the Sites window you will find all websites and requests that ZAP recorded, broken down by domain.
Now you can click Active Scan, selecting the site you want to attack. Once the attack is complete you can see the high, medium and low flags to identify the security vulnerabilities your site has.
Click on the ALERTS section to find out the status of the alerts.
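The Alerts tab groups findings by risk (High, Medium, Low, Informational), and ZAP exposes the same alert list over its API. The following is an added example, not part of this post or of ZAP itself: it summarises alerts in the JSON shape ZAP's alerts API returns (assumed field names: alert, risk, confidence, url, param), collapses the same alert repeated across URLs, and returns a pass/fail verdict you could use to gate a build. The sample alerts are constructed, not output of a real scan.

```python
"""Summarise ZAP alerts by risk and gate on them (added example, not ZAP's own code)."""
import json
from collections import Counter

# Constructed sample in the shape of ZAP's core/view/alerts response (fields trimmed).
# The URLs and findings are made up for this example, not results of a real scan.
SAMPLE_ALERTS_JSON = json.dumps({"alerts": [
    {"alert": "SQL Injection", "risk": "High", "confidence": "Medium",
     "url": "http://localhost/app/login?user=1", "param": "user"},
    {"alert": "X-Frame-Options Header Not Set", "risk": "Medium", "confidence": "Medium",
     "url": "http://localhost/app/", "param": ""},
    {"alert": "Cookie Without Secure Flag", "risk": "Low", "confidence": "Medium",
     "url": "http://localhost/app/login", "param": "session"},
    {"alert": "X-Frame-Options Header Not Set", "risk": "Medium", "confidence": "Medium",
     "url": "http://localhost/app/about", "param": ""},
]})

RISK_ORDER = ["High", "Medium", "Low", "Informational"]  # highest risk first

def zap_proxy_settings(host="localhost", port=8090):
    """Proxy mapping for an HTTP client (e.g. requests' proxies=) so its traffic is recorded by ZAP."""
    return {"http": f"http://{host}:{port}", "https": f"http://{host}:{port}"}

def count_by_risk(alerts_json):
    """Number of alerts at each risk level, always listing all four levels."""
    alerts = json.loads(alerts_json)["alerts"]
    counts = Counter(a["risk"] for a in alerts)
    return {risk: counts.get(risk, 0) for risk in RISK_ORDER}

def distinct_findings(alerts_json):
    """Collapse the same alert seen on several URLs to one (name, risk, url_count), highest risk first."""
    alerts = json.loads(alerts_json)["alerts"]
    grouped = {}
    for a in alerts:
        grouped.setdefault((a["alert"], a["risk"]), set()).add(a["url"])
    return sorted(((name, risk, len(urls)) for (name, risk), urls in grouped.items()),
                  key=lambda t: RISK_ORDER.index(t[1]))

def scan_passes(alerts_json, max_risk_allowed="Low"):
    """True when no alert is rated above the tolerated level; usable as a CI gate."""
    counts = count_by_risk(alerts_json)
    limit = RISK_ORDER.index(max_risk_allowed)
    return all(counts[r] == 0 for r in RISK_ORDER[:limit])

if __name__ == "__main__":
    for name, risk, n in distinct_findings(SAMPLE_ALERTS_JSON):
        print(f"{risk:<8} {name} ({n} URL(s))")
    print("passes:", scan_passes(SAMPLE_ALERTS_JSON))
```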
That's it. Hope this would be helpful.