HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Zed Attack Proxy Cookbook

Status
Not open for further replies.
itsMe

itsMe

*KillmeMories*
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Jan 8, 2019
Messages
56,618
Solutions
2
Reputation
32
Reaction score
100,455
Points
2,313
Credits
32,700
‎6 Years of Service‎
 
76%
screenshot-11608.png


Dive into security testing and web app scanning with ZAP, a powerful OWASP security tool

Purchase of the print or Kindle book includes a free PDF eBook

Key Features

    Master ZAP to protect your systems from different cyber attacks
    Learn cybersecurity best practices using this step-by-step guide packed with practical examples
    Implement advanced testing techniques, such as XXE attacks and Java deserialization, on web applications

Book Description

Maintaining your cybersecurity posture in the ever-changing, fast-paced security landscape requires constant attention and advancements. This book will help you safeguard your organization using the free and open source OWASP Zed Attack Proxy (ZAP) tool, which allows you to test for vulnerabilities and exploits with the same functionality as a licensed tool.

Zed Attack Proxy Cookbook contains a vast array of practical recipes to help you set up, configure, and use ZAP to protect your vital systems from various adversaries. If you're interested in cybersecurity or working as a cybersecurity professional, this book will help you master ZAP.

You'll start with an overview of ZAP and understand how to set up a basic lab environment for hands-on activities over the course of the book. As you progress, you'll go through a myriad of step-by-step recipes detailing various types of exploits and vulnerabilities in web applications, along with advanced techniques such as Java deserialization.

By the end of this ZAP book, you'll be able to install and deploy ZAP, conduct basic to advanced web application penetration attacks, use the tool for API testing, deploy an integrated BOAST server, and build ZAP into a continuous integration and continuous delivery (CI/CD) pipeline.

What you will learn

    Install ZAP on different operating systems or environments
    Explore how to crawl, passively scan, and actively scan web apps
    Discover authentication and authorization exploits
    Conduct client-side testing by examining business logic flaws
    Use the BOAST server to conduct out-of-band attacks
    Understand the integration of ZAP into the final stages of a CI/CD pipeline

Who this book is for

This book is for cybersecurity professionals, ethical hackers, application security engineers, DevSecOps engineers, students interested in web security, cybersecurity enthusiasts, and anyone from the open source cybersecurity community looking to gain expertise in ZAP. Familiarity with basic cybersecurity concepts will be helpful to get the most out of this book.

Table of Contents

    Getting Started with OWASP Zed Attack Proxy
    Navigating the UI
    Configuring, Crawling, Scanning, and Reporting
    Authentication and Authorization Testing
    Testing of Session Management
    Validating (Data) Inputs - Part 1
    Validating (Data) Inputs - Part 2
    Business Logic Testing
    Client-Side Testing
    Advanced Attack Techniques
    Advanced Adventures with ZAP

Code: 
https://www.packtpub.com/product/zed-attack-proxy-cookbook/9781801817332
To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top