OWASP's ZAP is a security tool that uses a proxy-based approach to do its job. Because of this, the first thing we need to set up is the proxy LAN settings.
Please download OWASP ZAP and then fire it up. Once it is up and running, go to Tools -> Options -> Local Proxy.
Once we have this set up, we proceed to configure the browser's proxy settings.
Fire up Chrome, go to Advanced settings -> Change proxy settings... -> LAN Settings and, under Proxy server, change "Address" to localhost and the port to "8080".
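Before logging in, it helps to confirm that the listener is up and actually answers as a proxy. The script below is an added example, not part of the original post; it assumes the localhost:8080 address used above and checks plain HTTP only, and the function names and the example.com URL are placeholders.

```python
import socket
from urllib.parse import urlsplit

ZAP_ADDR = ("localhost", 8080)  # address and port used in this post


def proxy_is_listening(addr=ZAP_ADDR, timeout=2.0):
    """Return True if something accepts TCP connections on the proxy address."""
    try:
        with socket.create_connection(addr, timeout=timeout):
            return True
    except OSError:
        return False


def status_via_proxy(url, addr=ZAP_ADDR, timeout=5.0):
    """Send one plain-HTTP GET through the proxy and return the status line.

    A request sent to a proxy carries the absolute URL in its request line;
    that is how the proxy learns the real destination.
    """
    host = urlsplit(url).netloc
    request = (
        f"GET {url} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        "Connection: close\r\n\r\n"
    ).encode("ascii")
    with socket.create_connection(addr, timeout=timeout) as sock:
        sock.sendall(request)
        with sock.makefile("rb") as reply:
            return reply.readline().decode("iso-8859-1").strip()


def preflight(url, addr=ZAP_ADDR):
    """Check the listener first, then that a request is answered through it."""
    where = f"{addr[0]}:{addr[1]}"
    if not proxy_is_listening(addr):
        return f"nothing listening on {where}; check Tools -> Options -> Local Proxy"
    try:
        status = status_via_proxy(url, addr)
    except OSError:  # accepted the connection but never answered
        status = ""
    if not status.startswith("HTTP/"):
        return f"listener on {where} did not answer as an HTTP proxy"
    return f"proxy answered: {status}"


if __name__ == "__main__":
    # Placeholder URL; substitute a plain-HTTP page of the site under test.
    print(preflight("http://example.com/"))
```

If the request went through, it also shows up in ZAP's request history.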
Now you're ready to log in to your website and start scanning. What happens is that any traffic that passes through your browser gets analyzed. The advantage of this approach is that you don't have to set up a username/password, an OAuth token and a bunch of other security stuff.
Of course, you can choose an easier approach (though it doesn't have much of a use case in general), which is to use the "Quick start" feature. All you need to do i…