ZAP

security

Videos
https://github.com/zaproxy/zaproxy
https://github.com/zaproxy/zaproxy/wiki/Downloads
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Using ZAP to write automated regression test cases.

Snort
Nexus scanner
OWASP

// What to configure
Pages to ignores (logout, static pages that does not contain any forms)
Anti CSRF tokens
Session handling
Authentication
Users
Structure (single page apps)
Non-standard separators, e.g. aaa:bbb;ccc:ddd

To switch ZAP to safe mode, click the arrow on the mode dropdown on the main toolbar to expand the 
dropdown list and select Safe Mode.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License