June 2017
Intermediate to advanced
338 pages
8h 28m
English
Content preview from Mastering Kali Linux for Web Penetration Testing
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Pulling back the curtain with ZAP
OWASP's suite of tools are well worth learning – their platform-agnostic approach means you can use these tools anytime, anywhere without worrying about which operating system you are on. Luckily for us, Kali bundles it by default. Even more helpful to us as testers is OWASP's leadership in the Web Application Security arena. Their insights and guidance make it into each iteration of the ZAP (https://www.owasp.org/index.php/ZAP) tool, so we can be certain that we're getting leading edge vulnerability and exploit information incorporated into the tool as it is discovered.
As with any tool in Kali, you've likely already used ZAP in your studies or work, but there are some advanced techniques that can be employed ...