Penetration testing on windows desktop application using zap

[Sai Krishna]

Hello Team,

How to perform penetration testing on Windows Dektop Applications using OWASP ZAP? I have searched in google regarding this & i didn't find any useful information. Can anyone share some info it would be really helpful for me.

I have configured the proxy in the Windows system which has set in the ZAP. Larer i Opened the Windows Desktop App & navigated to few services, surprisingly i didn't see any traffic recorded in zap.

Thanks & Regards,

Sai Krishna M.

[Simon Bennetts]

Hiya,

You won't have found anything because ZAP isnt designed for testing Windows Desktop Apps :)

ZAP is designed for testing web apps.

If your desktop app has a web interface then you can use ZAP to test that, but if not then ZAP isnt the right tool for this use case.

Cheers,

Simon

[psiinon]

Hiya,

You won't have found anything because ZAP isnt designed for testing Windows Desktop Apps :)

ZAP is designed for testing web apps.

If your desktop app has a web interface then you can use ZAP to test that, but if not then ZAP isnt the right tool for this use case.

Cheers,

Simon

--
You received this message because you are subscribed to the Google Groups "OWASP ZAP User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/zaproxy-users/e6d17441-c67d-447f-9c1e-012ad0499980n%40googlegroups.com.

--

OWASP ZAP Project leader

[Sai Krishna]

Thanks Simon :)

[Floodeen Tom]

If you are on Windows using a Java application, you can use ZAP, as long as your Java application can be configured to use a proxy. There is some good information here: http://blog.marcinchwedczuk.pl/spy-jvm-network-traffic-with-owasp-zap

-Tom