3

Configuring, Crawling, Scanning, and Reporting

We’ve now reached Chapter 3. Here, we’ll start taking a deep dive into hacking, but before we get to that, we first need to understand how to set up our browser and Zed Attack Proxy (ZAP) to capture traffic successfully and without error, and learn the various options available to you as a user. We’ll cover the basics of crawling (or spidering) and using the application to map the Sites tree and prepare for scanning (auditing). Finally, we’ll go over reporting: how to generate a report that fits your assessment and how to interpret that data for better results.

In this chapter, we will cover the following recipes:

  • Setting scope in ZAP
  • Crawling with the Spider
  • Crawling with the AJAX Spider
  • Scanning ...
