ZAP API Forced Browsing
94 views
Skip to first unread message
Gil Fernandes
Feb 28, 2024, 6:31:25 AM2/28/24
to ZAP User Group
Hello,
I'm automating ZAP by writing a Python script using the ZAP API.
I'm automating ZAP by writing a Python script using the ZAP API.
I wanted to include the Forced Browse method to perform brute force on the website using a directory list.
I tried using the methods zap.urlopen and zap.core.send_request. However, these methods have proven to be toooooo slow in comparison to the Forced Browsed feature used in the ZAP GUI.
Can I integrate the Forced Browse feature into my Python script using the ZAP API and if so how?
Is there a better method to automate the Forced Browse feature in ZAP?
Thank you all in advance.
Simon Bennetts
Feb 29, 2024, 4:53:46 AM2/29/24
to ZAP User Group
Hiya,
I'm afraid there is currently no API for Forced Browse.
An alternative is Fuzzing .. but there no API for that either :/
These APIs have not been a priority as we think they are less likely to be used in automation.
You can actually add your own APIs via an extender script: https://github.com/zaproxy/community-scripts/tree/main/extender
Or you could implement the API calls in ZAP ...
Cheers,
Simon
Reply all
Reply to author
Forward
0 new messages