ZEST script for Login Authentication

601 views

Skip to first unread message

Prashanth Kumar

unread,

Aug 20, 2018, 7:08:16 AM8/20/18

to OWASP ZAP User Group

Hi All,

I need some help in ZEST script for Login authentication. Basically, I need to retrieve the response(CSRF Token) from the first HTTP request and then pass the same value to the next request. How do we read the response?

The sequence of steps:

1: Login Landing page - Which generates the CSRF token

2: Validate account - need to pass Username, Password, and CSRF Token(received from the previous token).

3: Home Page

Any help will be greatly appreciated. Thank you!

Thanks,

Prashanth

kingthorin+owaspzap

unread,

Aug 20, 2018, 8:42:37 AM8/20/18

to OWASP ZAP User Group

Checkout this article: https://www.coveros.com/scripting-authenticated-login-within-zap-vulnerability-scanner/

Reply all

Reply to author

Forward

0 new messages