How to use OWASP ZAP
- Open ZAP
- “Do you persist the ZAP Session?” → No
- Select “Protected mode”
- Configure the proxy settings for ZAP and the browser.
ZAP: Tools > Options
Firefox: Options > Network Settings > Settings
- Select “Manual explore” and launch the browser.
- Include context
Icon marked
- Delete unused sites
- Start the spider scan.
The duration depends on the environment; it will take more than 10 minutes.
- Once the spider has completed, start the dynamic scan.
You can see the progress chart. It will take more than 1 hour.
- Get the report of the results.
You can get the results now.
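
The same spider, dynamic scan and results sequence can also be driven through ZAP's local JSON API instead of the GUI (the dynamic scan is ZAP's active scan, `ascan`, in the API). This is an added example, not part of the original page: the API address, API key and target are placeholder assumptions, and the origin allowlist plays the role of the "Include context" step.

```python
import json
import time
import urllib.parse
import urllib.request

ZAP_API = "http://127.0.0.1:8080"  # assumption: address ZAP listens on locally
API_KEY = "REPLACE_ME"             # placeholder: the key shown in ZAP's API options


def zap_call(path, **params):
    """GET one ZAP JSON API endpoint and return the decoded response."""
    query = urllib.parse.urlencode({**params, "apikey": API_KEY})
    with urllib.request.urlopen(f"{ZAP_API}/JSON/{path}/?{query}", timeout=30) as resp:
        return json.load(resp)


def wait_until_done(call, status_view, scan_id, poll):
    """Poll a spider/ascan status view until it reports 100 (percent)."""
    while int(call(status_view, scanId=scan_id)["status"]) < 100:
        time.sleep(poll)


def scan(target, allowed_origins, call=zap_call, poll=5):
    """Spider, then active-scan, an allowlisted target; return ZAP's alerts."""
    parts = urllib.parse.urlsplit(target)
    origin = f"{parts.scheme}://{parts.netloc}"
    if origin not in allowed_origins:  # same intent as the context include step
        raise ValueError(f"{origin} is not in the allowed scope")
    spider_id = call("spider/action/scan", url=target)["scan"]
    wait_until_done(call, "spider/view/status", spider_id, poll)
    ascan_id = call("ascan/action/scan", url=target)["scan"]
    wait_until_done(call, "ascan/view/status", ascan_id, poll)
    return call("core/view/alerts", baseurl=target)["alerts"]


if __name__ == "__main__":
    # Constructed target: a test application you run locally yourself.
    for alert in scan("http://localhost:3000/", {"http://localhost:3000"}):
        print(alert["risk"], alert["alert"], alert["url"])
```

The `call` parameter lets the sequence be exercised against a stub before pointing it at a running ZAP instance.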