Learn how to use Zed Attack Proxy to test web applications.
- [Narrator] Zed Attack Proxy is another proxy web tool…which comes as part of Carley.…Let's take a look at it.…I'll select Applications, Web Application Analysis…and click on OWASP ZAP.…Okay, we have the main ZAP page.…Let's check Tools, Options.…And then select Local Proxy from the Options list.…
We can see that ZAP is set up to proxy on Port 8080.…IceWeasel is already set up for proxying on Port 8080.…So we're ready to go.…I'll connect through to the Hacme Casino…and I'll log in as Bobby Blackjack.…Back in ZAP we can see the casino site…that was accessed in the left panel.…
And the conversations in the bottom panel.…I'll scroll down to the post request for account log in.…And in the top right panel, I'll select request tab.…We can see the cookie in the top part of the request panel.…And the plain text credentials in the lower part.…I'll now get ZAP to hold all requests from me to inspect…and if I want to, change.…To do this, I'll press the green circle…in the top menu bar…which is, set break on all requests and responses.…
Note: The topics in this course will prepare you for key objectives on the Certified Ethical Hacker exam. Find an overview of the certification and the exam handbook at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Dissecting HTTP/HTTPS protocol
- Working with WebSockets
- Understanding cookies
- Installing testing tools such as Hacme Casino and the Vega Scanner
- Running web application tests
- Practicing your skills
Skill Level Intermediate
Ethical Hacking: Denial of Servicewith Malcolm Shore1h 28m Intermediate
1. Introduction to Web
2. Getting Ready to Test
3. Running Basic Web Application Tests
4. Advanced Web Application Tests
5. Practicing Your Skills
What's next1m 11s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.