How can I use ZAP tool to test the broken authentication, sensitive data exposure, XML external entities, broken access control, XSS, insecure deserialization, using components with known vulnerabilities?
607 views
Skip to first unread message
lynn liu
May 17, 2021, 2:35:34 AM5/17/21
to OWASP ZAP User Group
Hi All,
Can I test the following security issues with the ZAP tool? Is there any doc to help me to learn how to set up and test?
- Broken authentication
- Sensitive data exposure
- XML external entities (XXE)
- Broken access control
- Cross site scripting (XSS)
- Insecure deserialization
- Using components with known vulnerabilities
Could you please give me some advice?
Thanks!
kingthorin+owaspzap
May 17, 2021, 12:13:44 PM5/17/21
to OWASP ZAP User Group
We have a FAQ for that: https://www.zaproxy.org/docs/guides/zapping-the-top-10/
lynn liu
May 17, 2021, 9:52:00 PM5/17/21
to OWASP ZAP User Group
Thank you for your information!
lynn liu
May 17, 2021, 10:01:08 PM5/17/21
to OWASP ZAP User Group
Do we have any videos or examples to easy to learn?
Reply all
Reply to author
Forward
0 new messages