OWASP ZAP is a multipurpose scanning tool that helps penetration testers and bug bounty hunters find vulnerabilities in web applications. ZAP stands for Zed Attack Proxy. It comes with a proxy, active and passive vulnerability scanners, a fuzzer, a spider, an HTTP request sender and much more.


In this detailed guide we are going to learn how to use ZAP, in easy language.

Opening and Updating ZAP
First of all we need to open and update ZAP on our Kali Linux system. We can find it in the Kali Linux Application Menu > Web Application Analysis > ZAP, or we can search for it in the menu, as shown in the following screenshot.

ZAP in menu.png

Then we click on it and it opens the ZAP application's front page as shown in the following screenshot:

ZAP welcome screen.png

Here we can press CTRL+U and update all add-ons by clicking "Update All". In the following screenshot we can see that our system has already updated everything.

Sometimes on some laptops we have noticed that the update window takes up the whole screen and we are not able to see the "Update All" option. In that case we just make the window smaller and then drag it up [simple!].

Fixing ZAP update window.png

After finishing the update we need to configure the proxy in our browser to use ZAP.

Configuring Network Proxy for ZAP
This is quite similar to setting up the proxy for Burp and WebScarab. We need to open our browser (Kali Linux comes with Firefox as the default). In Firefox we open the Menu and navigate to Preferences. On the General tab, we scroll down and click on Network Settings.

network settings.png

It opens a new window where we need to set the manual proxy. We select "Manual proxy configuration"; the HTTP proxy should be localhost and the port 8080, as shown in the following screenshot:

Manual proxy.png

This is how we set the manual proxy in the Firefox browser. Other browsers have their own manual proxy settings. The FoxyProxy add-on makes it easy to switch between proxies.

If we now navigate to a website from our browser, we may get a security warning, as shown in the following screenshot:

Firefox advanced.jpg

This happens because of the security certificate: ZAP intercepts the connection and presents its own certificate, which the browser does not trust yet. Here we need to click on "Advanced" and then on "Accept risk and continue", as shown in the following screenshot. The certificate for ZAP will then be added for this site.

Accept risk and continue Firefox.jpg

Scan for Sensitive Files and Folders using ZAP
After setting ZAP as a proxy, we can scan a website or web application with it. We open a website in our browser and ZAP reacts by showing the host's name in the upper-left panel. We just need to right click on the host name and choose "Attack" > "Forced Browse Directory", as shown in the following screenshot:

Zap forced browse directory.jpg

Then it will start looking for directories using a default directory word list. We can see the result in the following screenshot:

Zap directory attack.jpg

In the above screenshot we can see that the directory attack has started. If the site contains any sensitive information, we can easily get it from here.

If we need to use a custom word list for the directory brute-force (this attack is a type of brute-force), we go to Tools > Options (or press CTRL+ALT+O), open the Forced Browse tab and select our custom word list.

custom wordlist ZAP.jpg

By following that process we can add our custom word list for finding files and folders using ZAP.
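What a forced-browse run like the one above looks like from the server side, as an added example (not part of the original article): a small detector that flags a client producing many distinct 404 paths in a short window and lists the paths that did answer. The log lines, IP addresses, window and threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in Apache/Nginx "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2023:10:00:01 +0000] "GET /old/ HTTP/1.1" 404 153 "-" "-"
203.0.113.7 - - [12/Mar/2023:10:00:01 +0000] "GET /admin/ HTTP/1.1" 403 199 "-" "-"
203.0.113.7 - - [12/Mar/2023:10:00:02 +0000] "GET /test/ HTTP/1.1" 404 153 "-" "-"
203.0.113.7 - - [12/Mar/2023:10:00:02 +0000] "GET /backup/ HTTP/1.1" 200 4821 "-" "-"
203.0.113.7 - - [12/Mar/2023:10:00:03 +0000] "GET /tmp/ HTTP/1.1" 404 153 "-" "-"
203.0.113.7 - - [12/Mar/2023:10:00:03 +0000] "GET /private/ HTTP/1.1" 404 153 "-" "-"
203.0.113.7 - - [12/Mar/2023:10:00:04 +0000] "GET /conf/ HTTP/1.1" 404 153 "-" "-"
198.51.100.20 - - [12/Mar/2023:10:00:02 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "-"
198.51.100.20 - - [12/Mar/2023:10:00:05 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "-" "-"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def parse(line):
    """Return (ip, timestamp, path, status) or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"], int(m["status"])

def detect_forced_browse(lines, window=timedelta(seconds=10), threshold=5):
    """Return {ip: {"misses": n, "found": [non-404 paths]}} for scan-like clients."""
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[0]].append(rec[1:])
    report = {}
    for ip, events in by_ip.items():
        events.sort()
        misses = [(ts, path) for ts, path, status in events if status == 404]
        worst = start = 0
        for end in range(len(misses)):
            # Slide the window start forward until it spans at most `window`.
            while misses[end][0] - misses[start][0] > window:
                start += 1
            worst = max(worst, len({p for _, p in misses[start:end + 1]}))
        if worst >= threshold:
            # Non-404 answers are the paths the word list actually found.
            found = sorted({p for _, p, s in events if s != 404})
            report[ip] = {"misses": worst, "found": found}
    return report

if __name__ == "__main__":
    print(detect_forced_browse(SAMPLE_LOG.splitlines()))
```

The "found" list is the part to act on: those are the directories the scan confirmed exist on the server.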

Copy Website using ZAP Spider
Downloading a full site to a directory in our system leaves us with a static copy of the information; this means that we have the output produced by different requests, but we neither have such requests nor the response states of the server. To have a record of that information, we have spiders, such as the one integrated in OWASP ZAP.

We need to have ZAP running and the browser configured to use it as a proxy. Then we navigate to the target website (we are targeting our own site) from the browser and ZAP responds to it.

zap kali linux.png

Now we can see our website in the above screenshot. We right click on it for options and navigate to Attack > Spider, as shown in the following screenshot:

ZAP Spider kali.jpg

After selecting the spider we get a window as shown in the following screenshot:

Start The SPider on ZAP.png

Here we just need to click on "Start Scan" to start the spider on our website. Once it has started, we can see it running in the bottom panel of ZAP.

Spidering kali linux in using ZAP.png

We can also see the structure of our website in the upper-left panel of ZAP, along with the request methods (GET/POST). We can click on an entry to see the request sent by the spider and the response that came from the server.

ZAP request and responce.png

On the right side, we can see the full request made, including the parameters used by ZAP.

How does the spider work in ZAP?
Like any other crawler, ZAP's spider follows every link it finds in every page on the web application included in the scope requested and the links inside it. Also, ZAP's spider follows the form responses, redirects, & URLs included in robots.txt & sitemap.xml files. It then stores all the requests & responses for later analysis and use. This is very similar to Burp's Spider.
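Because the spider reads robots.txt and sitemap.xml, those two files hand every crawler a list of URLs before a single link is followed. The following added example (not from the original article, and not ZAP's own code) lists what a site's own files disclose, limited to the host in scope; the site name and file contents are constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urljoin, urlparse

# Constructed sample files for a hypothetical site, https://shop.example/.
ROBOTS = """\
User-agent: *
Disallow: /admin/
Disallow: /backup/db.sql   # nightly dump
Disallow: /*.bak$
Allow: /public/
Sitemap: https://shop.example/sitemap.xml
"""
SITEMAP = """\
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <url><loc>https://shop.example/</loc></url>
  <url><loc>https://shop.example/staging/login</loc></url>
  <url><loc>https://cdn.example/logo.png</loc></url>
</urlset>
"""

def robots_rules(text):
    """Yield (directive, value) for Allow, Disallow and Sitemap lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key.lower() in ("allow", "disallow", "sitemap") and value:
            yield key.lower(), value

def sitemap_locs(xml_text):
    """Return every <loc> URL, whatever the namespace prefix."""
    root = ET.fromstring(xml_text)
    return [el.text.strip() for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == "loc" and el.text]

def crawler_seeds(base, robots, sitemap):
    """URLs both files disclose before any link is followed, kept to base's host."""
    host = urlparse(base).netloc
    seeds = set(sitemap_locs(sitemap))
    for directive, value in robots_rules(robots):
        # Wildcard patterns name no concrete URL, so they are skipped.
        if directive != "sitemap" and "*" not in value:
            seeds.add(urljoin(base, value))
    return sorted(u for u in seeds if urlparse(u).netloc == host)

if __name__ == "__main__":
    for url in crawler_seeds("https://shop.example/", ROBOTS, SITEMAP):
        print(url)
```

Anything in that output that should not be public needs access control on the server; a Disallow line only advertises it.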

After crawling a website or web application, we may want to use the stored requests to perform some tests. Using ZAP's capabilities, we will be able to do the following, among other things:
  1. Repeat the requests that modify some data.
  2. Perform active and passive vulnerability scans.
  3. Fuzz the input variables looking for possible attack vectors.
  4. Replay specific requests in the web browser.

Automatically Scan for Vulnerabilities using ZAP
OWASP ZAP is a tool that helps us complete various tasks; automatically scanning a target website is one of them.

To use this feature we need to set the manual proxy in our browser and open the site as we did previously.

Once ZAP responds to it and shows the site in the Sites panel (upper-left panel), we right click on the site and navigate to Attack > Active Scan, as shown in the following screenshot:

Active Scan on ZAP.jpg

Then a window will pop up in front of us. At this point we need to fill in some information to start the scan. "Show Advanced Options" will give us more configuration.

active scan popup.png

Here we can also configure our scan in terms of Scope (where to start the scan, in what context, and more), Input Vectors (select whether we want to test values in GET and POST requests, headers, cookies and other options), Custom Vectors (add specific characters or words from the original request as the attack vectors), Technology (what kind of technology-specific tests we want to perform) and Policy (choose configuration parameters for specific tests).

After setting up everything we can start the scan by clicking on "Start Scan". In the following screenshot we can see our scan results.

Active scan ZAP results.png

In the above screenshot we can see that the scan is finished and we got 9 new alerts. On the "🚩Alerts" tab we get details about the alerts.

Alerts ZAP.png

We can see that we got some very serious security loopholes on our vulnerable localhost server. This is how we can run a security test on a web server or website using ZAP. Found it complicated? Read the next section.

We can export the scan result in CSV, HTML or XML format.
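An exported XML report can be triaged outside the GUI. The following added example (not from the original article) sorts alerts by risk and returns the ones at or above a chosen level, so a build can fail on them. The element names (`site`, `alertitem`, `alert`, `riskcode`, `instances/instance/uri`) are assumed from ZAP's XML export and should be checked against your own file; the report content is constructed.

```python
import xml.etree.ElementTree as ET

RISK = {0: "Informational", 1: "Low", 2: "Medium", 3: "High"}

# Constructed report; element names assumed from ZAP's XML export, values invented.
SAMPLE_REPORT = """\
<OWASPZAPReport>
 <site name="http://localhost" host="localhost" port="80" ssl="false"><alerts>
  <alertitem><alert>X-Frame-Options Header Not Set</alert><riskcode>2</riskcode>
   <instances><instance><uri>http://localhost/</uri></instance>
    <instance><uri>http://localhost/login.php</uri></instance></instances>
  </alertitem>
  <alertitem><alert>SQL Injection</alert><riskcode>3</riskcode>
   <instances><instance><uri>http://localhost/item.php?id=1</uri></instance></instances>
  </alertitem>
  <alertitem><alert>X-Content-Type-Options Header Missing</alert><riskcode>1</riskcode>
   <instances><instance><uri>http://localhost/</uri></instance></instances>
  </alertitem>
 </alerts></site>
</OWASPZAPReport>
"""

def load_alerts(report_xml):
    """Return one dict per alert, highest risk first, then by name."""
    root = ET.fromstring(report_xml)
    alerts = []
    for site in root.iter("site"):
        for item in site.iter("alertitem"):
            code = int(item.findtext("riskcode", default="0"))
            alerts.append({
                "site": site.get("name"),
                "name": item.findtext("alert", default="(unnamed)"),
                "riskcode": code,
                "risk": RISK.get(code, "Unknown"),
                # De-duplicated affected URLs for this alert.
                "uris": sorted({u.text for u in item.iter("uri") if u.text}),
            })
    return sorted(alerts, key=lambda a: (-a["riskcode"], a["name"]))

def gate(alerts, fail_at=2):
    """Alert names at or above `fail_at` (2 = Medium); an empty list means pass."""
    return [a["name"] for a in alerts if a["riskcode"] >= fail_at]

if __name__ == "__main__":
    for a in load_alerts(SAMPLE_REPORT):
        print(f'{a["risk"]:<13} {a["name"]} ({len(a["uris"])} URL(s))')
    print("FAIL" if gate(load_alerts(SAMPLE_REPORT)) else "PASS")
```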

Easy Auto Scanning for Vulnerability using ZAP
Suppose we are complete beginners with Kali Linux or ZAP: then we just open ZAP and choose "Automated Scan" on Quick Start. A popup window will come up. Here we just enter the URL and click on "⚡Attack". The following screenshot shows it.

Automated Scan.png

The attack will start and we can see the output and Alerts.

Zap automated alearts.png

We can see the results of the scan. Note that here we did not add any manual proxy configuration to our system.

Hope we got a clear idea of how Zed Attack Proxy works on our Kali Linux system and how we can run various tests using it. This huge tool can be used as a fuzzer and it can also do much more that we can't cover in a single article. Try it and see what it can do.
