Abstract

Automating Web Pentesting with ZAP

This is a hands-on demo on using OWASP ZAP for automating web app pentesting

Outline

  1. Intro to OWASP ZAP
  2. Quick ZAP GUI tour
  3. Exploring ZAP API
  4. Using ZAP Python library
  5. Automated web app spidering
  6. Automated API spidering
  7. Passive scan | Active scan
  8. Handling authentication

Instructions

  • Anyone can follow through the talk and try the demos
  • You need a laptop with OWASP ZAP, Python 2.x installed
  • Demo scripts will be provided through github

Speaker

Bharath

Security research @Appsecco

I enjoy good books, coffee, camping and stargazing!

https://disruptivelabs.in

Timing

Starts at Saturday August 26 2017, 09:30 AM. The sessions runs for about 1 hour.

Resources