Projects/OWASP Zed Attack Proxy Project/Pages/Talks
2014 Feb 23: SCALE 12x Los Angeles Aaron Guzman: ZAPping your applications
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated testing tool for finding vulnerabilities and bugs in web applications.
ZAP is a flagship OWASP project with an active community behind it. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
It is designed to be used by people with a wide range of experience in developing, security penetration testing and functional testing.
As such, this presentation will be covering basic to intermediate testing on web applications, use cases, basic scripting, zest scripting, and integration automation for software development lifecycle.
2014 March 17: OWASP AppSec APAC Tokyo Minoru Sakai: Hands on Simple method of the penetration testing using OWASP ZAP (Japanese)
This course goes through automated security testing from OWASP tools:
- OWASP Zed Attack Proxy
- OWASP Broken Web Applications
2014 May 13-16: CF.Objective() Bloomington, MN Dave Epler: Using OWASP ZAP to find vulnerabilities in your web apps
Target Audience: Developers
Assumed Knowledge: Basic knowledge of OWASP Top Ten
Objective: To learn how to use OWASP ZAP to test your web application for vulnerabilities
- What is OWASP ZAP
- Why use ZAP
- Testing for vulnerabilties with ZAP
- Automated Testing
- Directed Testing
- Integrating ZAP with other tools