Does OWASP ZAP Support Mobile Hybird / Native application security testing. ?
186 views
Skip to first unread message
sathish dachepally
Apr 4, 2014, 4:52:44 AM4/4/14
to zaproxy...@googlegroups.com
Hi ,
I have gone through the OWASP site and came to know that , its the best Open source tool for Mobile Web Application Security testing through ZAP. But I could not find the exact info about Hybird and Native application security testing. Do we have any info. regarding this ? or Can someone please provide the info. about how to go head with Hybird / Native application security testing. ?
Please help me in this regard ASAP.
Thanks,
Sathish D
I have gone through the OWASP site and came to know that , its the best Open source tool for Mobile Web Application Security testing through ZAP. But I could not find the exact info about Hybird and Native application security testing. Do we have any info. regarding this ? or Can someone please provide the info. about how to go head with Hybird / Native application security testing. ?
Please help me in this regard ASAP.
Thanks,
Sathish D
sathish dachepally
Apr 4, 2014, 8:04:27 AM4/4/14
to zaproxy...@googlegroups.com
Please help me out here.
psiinon
Apr 7, 2014, 7:22:42 AM4/7/14
to zaproxy...@googlegroups.com
ZAP doesnt really have any specific support for native applications.
It can intercept, change, scan and fuzz all HTTP based communication. For that you will need to insert ZAP in-between the app and any services it communicates with.
Thats usually done via proxy settings, but I think there are other options if your application doesnt support those.
This is not really my area of expertise, but if you can explain a bit more about your requirements then maybe someone else here will be able to help.
Cheers,
Simon
It can intercept, change, scan and fuzz all HTTP based communication. For that you will need to insert ZAP in-between the app and any services it communicates with.
Thats usually done via proxy settings, but I think there are other options if your application doesnt support those.
This is not really my area of expertise, but if you can explain a bit more about your requirements then maybe someone else here will be able to help.
Cheers,
Simon
sathish dachepally
Apr 7, 2014, 7:38:19 AM4/7/14
to zaproxy...@googlegroups.com
Thanks Simon for the update:
Here is the details about my above query:
Say for example, once we installed any Hybrid/Native app like Gmail / Linked etc in the Mobile Device, How do we go head security testing for these Hybrid / Native apps using Zap ? If Zap does not support for these Hybrid/Native apps, do we have any alternative tool from OWASP Organization ?
Here is the details about my above query:
Say for example, once we installed any Hybrid/Native app like Gmail / Linked etc in the Mobile Device, How do we go head security testing for these Hybrid / Native apps using Zap ? If Zap does not support for these Hybrid/Native apps, do we have any alternative tool from OWASP Organization ?
kingthorin+owaspzap
Apr 7, 2014, 8:51:24 AM4/7/14
to zaproxy...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages