README.md
VulnScanPolicy.policy
juiceshop-vulnerabilities.html
vuln-scanning.pdf

18F Tech Talk: Vulnerability Scanning With OWASP ZAP

This talk was given on 2016/02/22. It was a walkthrough and introduction to OWASP ZAP, an intercepting proxy for testing web applications.

Slides are here, but minimal. Here are the links from the resources page:

ZAP's homepage: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Our guide to using ZAP: https://pages.18f.gov/before-you-ship/security/dynamic-scanning/

The incredible ZAP wiki: https://github.com/zaproxy/zap-core-help/wiki

Setting up the proxy: https://github.com/zaproxy/zap-core-help/wiki/HelpStartProxies

Juice Shop, an intentionally insecure Web App: http://bkimminich.github.io/juice-shop/#/

Fuzzing data: https://github.com/minimaxir/big-list-of-naughty-strings