Description: The Zed Attack Proxy (ZAP) is an OWASP Flagship project and the largest open source web application security tool measured by active contributors. While it is an ideal tool for people new to appsec it also has many features specifically intended for advanced penetration testing.
In this talk Simon will give a quick introduction to ZAP and then dive into some of these features, including:
* Handling single page and other 'non standard' apps
* Client side testing with Plug-n-Hack
* Advanced scanning options
* Contexts
* Fuzzing
* Scripting
* Zest - ZAP's macro language
* Changing the source code
Speaker
Simon Bennetts
Security Automation Engineer, Mozilla
Simon Bennetts has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them. | | He is the OWASP Zed Attack Proxy Project Leader and works for Mozilla as part of the Security Team.
For More Information please visit : - https://2014.appsec.eu/
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.