Scan websites for vulnerabilities
Setup and use OWASP ZAP Proxy
Use a dictionary list to find files and folders and spider crawl to find links and URLs
By the end of this project, you will learn the fundamentals of how to use OWASP Zed Attack Proxy (ZAP). This tool greatly aids security professionals and penetration testers to discover vulnerabilities within web applications. You will learn how to perform a basic web app vulnerability scan, analyze the results, and generate a report of those results. This course includes steps on how to configure the browser proxy to passively scan web requests and responses by simply exploring websites. This course will also include how to use dictionary lists to find files and folders on a web server, and how to spider crawl websites to find all the links and URLs. Finally, the end of the course gives a brief overview of how to intercept, view, modify, and forward web requests that occur between the browser and web application. Note: This course works best for learners who are based in the North America region. We’re currently working on providing the same experience in other regions.
In a video that plays in a split-screen with your work area, your instructor will walk you through these steps:
Introduction and overview of what OWASP ZAP is and how it is important for web security professionals.
Understand the layout of OWASP ZAP and scan a website for vulnerabilities.
Analyze the OWASP ZAP vulnerability scan results and generate a vulnerability report from those results.
Setup and configure FoxyProxy within the Firefox browser to use ZAP as a proxy.
Find files and directories of a web server using a dictionary list within OWASP ZAP.
Using OWASP ZAP to crawl and spider websites to find links and URLs.
Using OWASP ZAP as a web proxy to intercept a valid request, modify it to make it invalid, and then send it to the web server to provoke unexpected behavior from it.
Your workspace is a cloud desktop right in your browser, no download required
In a split-screen video, your instructor guides you step-by-step
The course I believe was a bit easy and not intermediate plus Rhyme refused connections to the mutilliadae server
The information is very helpful. I got basic knowledge to continue learning OWASP ZAP.
As a beginner it was very helpful to me. Iam able to learn quickly as well.
It is good for starters, but I think for the tool we fall a little short.
What will I get if I purchase a Guided Project?
By purchasing a Guided Project, you'll get everything you need to complete the Guided Project including access to a cloud desktop workspace through your web browser that contains the files and software you need to get started, plus step-by-step video instruction from a subject matter expert.
Are Guided Projects available on desktop and mobile?
Because your workspace contains a cloud desktop that is sized for a laptop or desktop computer, Guided Projects are not available on your mobile device.
Who are the instructors for Guided Projects?
Guided Project instructors are subject matter experts who have experience in the skill, tool or domain of their project and are passionate about sharing their knowledge to impact millions of learners around the world.
Can I download the work from my Guided Project after I complete it?
You can download and keep any of your created files from the Guided Project. To do so, you can use the “File Browser” feature while you are accessing your cloud desktop.
What is the refund policy?
Guided Projects are not eligible for refunds. See our full refund policy.
Is financial aid available?
Financial aid is not available for Guided Projects.
Can I audit a Guided Project and watch the video portion for free?
Auditing is not available for Guided Projects.
How much experience do I need to do this Guided Project?
At the top of the page, you can press on the experience level for this Guided Project to view any knowledge prerequisites. For every level of Guided Project, your instructor will walk you through step-by-step.
Can I complete this Guided Project right through my web browser, instead of installing special software?
Yes, everything you need to complete your Guided Project will be available in a cloud desktop that is available in your browser.
What is the learning experience like with Guided Projects?
You'll learn by doing through completing tasks in a split-screen environment directly in your browser. On the left side of the screen, you'll complete the task in your workspace. On the right side of the screen, you'll watch an instructor walk you through the project, step-by-step.
More questions? Visit the Learner Help Center.