ZAP Spider can't find form request with parameter on DVWA

30 views

Skip to first unread message

makaaso

unread,

Aug 8, 2021, 6:42:29 PM8/8/21

to OWASP ZAP User Group

I'm tring using OWASP ZAP and DVWA. I want to find all request using spider. I was setting below:

login admin user
include default context
Flag as Context: Formed-based Auth Login Request
add admin user
Forced user mode enable
Flag as Context: Authentication Logged-in indicator

try to spider:
https://github.com/makaaso/stackoverflow/blob/main/zap-dvwa1.png

result below:
https://github.com/makaaso/stackoverflow/blob/main/zap-dvwa2.png

I expect below(this is manual scan result):
https://github.com/makaaso/stackoverflow/blob/main/zap-dvwa3.png

Is it possible to find request with parameter using spider?

kingthorin+owaspzap

unread,

Aug 9, 2021, 6:38:42 AM8/9/21

to OWASP ZAP User Group

Check this out: https://www.zaproxy.org/faq/details/setting-up-zap-to-test-dvwa/

Reply all

Reply to author

Forward

0 new messages

Search

Clear search

Close search

Google apps

Main menu