Validate fuzzing logic using automation of OWASP ZAP with Selenium
53 views
Skip to first unread message
Preeti Saini
Mar 16, 2023, 6:26:46 AM3/16/23
to OWASP ZAP User Group
Hi Team,
I am new to OWASP ZAP tool so need your assistance here.
I am new to OWASP ZAP tool so need your assistance here.
As per my learning, once we integarte OWASP ZAP in our existing Selenium framework, we can perform active scan the website.
BUt, Is it possible to include any fuzzing logic (validation of specific SQL injection, XSS injection etc.) while integrating OWASP ZAP with Selenium using C#?
If that's feasible, could you also share the documents / videos that I can refer for better clarity.
Thanks in advance.
Thanks,
Preeti Saini
Simon Bennetts
Mar 16, 2023, 8:05:31 AM3/16/23
to OWASP ZAP User Group
Hi Preeti,
We have loads of info available on https://www.zaproxy.org/ :)
In ZAP terms you are looking at Active Scanning - that is where ZAP tests for vulnerabilities like SQL injection and XSS.
We use Fuzzing as a term for manual testing, which is possibly not so relevant for you.
The options for automating ZAP are detailed on https://www.zaproxy.org/docs/automate/
Cheers,
Simon
Preeti Saini
Mar 16, 2023, 8:07:01 AM3/16/23
to OWASP ZAP User Group
Thanks alot for great help here!
I will have a look at the links provided here.
Reply all
Reply to author
Forward
0 new messages