How can I get OWASP Zed Attack Proxy (ZAP) to read from Fiddler's requests?


brett michlitsch

Jun 5, 2014, 3:07:19 PM
to httpf...@googlegroups.com
How can I get OWASP Zed Attack Proxy to read from Fiddler's requests?

Fiddler has the great ability to monitor all HTTP/HTTPS requests on my computer; this allows me to see all the requests for internet/local traffic. The OWASP ZAP tool seems to be able to only connect to a website, but I'm pen testing an app, not a website. It seems like I could somehow set up Fiddler or ZAP to do this.

I've been trying to find a solution for this for some time. If anyone knows or has any ideas how, let me know.

Thanks,
Brett

EricLaw

Jun 9, 2014, 11:18:18 AM
to httpf...@googlegroups.com
I'm not really sure I understand what you mean when you say "read from Fiddler's requests."

What, precisely, are you doing today, and what specifically would you like to be able to do?

ZAP is a proxy (http://code.google.com/p/zaproxy/wiki/HelpUiDialogsOptionsLocalproxy). If you want Fiddler to chain to it, inside Fiddler, choose Tools > Fiddler Options > Gateway. Select Manual and enter the information for ZAP's proxy endpoint from ZAP's Local Proxy dialog.
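The gateway chaining described in the reply above, modelled as an added example that is not part of the thread and is not code from Fiddler or ZAP: `Front` is an assumed stand-in for Fiddler with a manual gateway, `Upstream` is an assumed stand-in for ZAP's local proxy, and the URL is constructed. Only plain HTTP is modelled; it shows that a client pointed at the first proxy has its requests seen by the second.

```python
import http.server
import threading
import urllib.request

seen_by_upstream = []  # request targets the upstream proxy (ZAP stand-in) observed

def proxy_opener(proxy_url):
    # urllib opener that sends every http:// request to the given proxy
    return urllib.request.build_opener(urllib.request.ProxyHandler({"http": proxy_url}))

class Quiet(http.server.BaseHTTPRequestHandler):
    def log_message(self, *args):  # keep the console clean
        pass
    def reply(self, body):
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

class Upstream(Quiet):
    """Assumed stand-in for ZAP's local proxy: records the target, answers itself."""
    def do_GET(self):
        seen_by_upstream.append(self.path)  # a proxy receives the absolute URL
        self.reply(b"answered by upstream proxy")

def make_front(gateway_url):
    class Front(Quiet):
        """Assumed stand-in for Fiddler: forwards to the gateway, not the origin."""
        def do_GET(self):
            with proxy_opener(gateway_url).open(self.path, timeout=5) as resp:
                self.reply(resp.read())
    return Front

def start(handler):
    server = http.server.HTTPServer(("127.0.0.1", 0), handler)  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_port

def run_chain(url="http://app.example.test/login"):  # constructed URL, never resolved
    upstream, upstream_url = start(Upstream)
    front, front_url = start(make_front(upstream_url))
    with proxy_opener(front_url).open(url, timeout=5) as resp:  # client -> front
        body = resp.read()
    for server in (front, upstream):
        server.shutdown()
        server.server_close()
    return body, list(seen_by_upstream)

if __name__ == "__main__":
    print(run_chain())
```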