Web Application Security Testing with OWASP ZAP

4.2
162 個評分
提供方
Coursera Project Network
2,933 人已註冊
在此指導項目中,您將:

Scan websites for vulnerabilities

Setup and use OWASP ZAP Proxy

Use a dictionary list to find files and folders and spider crawl to find links and URLs

Clock1.5 hours
Intermediate中級
Cloud無需下載
Video分屏視頻
Comment Dots英語(English)
Laptop僅限桌面

By the end of this project, you will learn the fundamentals of how to use OWASP Zed Attack Proxy (ZAP). This tool greatly aids security professionals and penetration testers to discover vulnerabilities within web applications. You will learn how to perform a basic web app vulnerability scan, analyze the results, and generate a report of those results. This course includes steps on how to configure the browser proxy to passively scan web requests and responses by simply exploring websites. This course will also include how to use dictionary lists to find files and folders on a web server, and how to spider crawl websites to find all the links and URLs. Finally, the end of the course gives a brief overview of how to intercept, view, modify, and forward web requests that occur between the browser and web application. Note: This course works best for learners who are based in the North America region. We’re currently working on providing the same experience in other regions.

分步進行學習

在與您的工作區一起在分屏中播放的視頻中,您的授課教師將指導您完成每個步驟:

  1. Introduction and overview of what OWASP ZAP is and how it is important for web security professionals.

  2. Understand the layout of OWASP ZAP and scan a website for vulnerabilities.

  3. Analyze the OWASP ZAP vulnerability scan results and generate a vulnerability report from those results.

  4. Setup and configure FoxyProxy within the Firefox browser to use ZAP as a proxy.

  5. Find files and directories of a web server using a dictionary list within OWASP ZAP.

  6. Using OWASP ZAP to crawl and spider websites to find links and URLs.

  7. Using OWASP ZAP as a web proxy to intercept a valid request, modify it to make it invalid, and then send it to the web server to provoke unexpected behavior from it.

指導項目工作原理

您的工作空間就是瀏覽器中的雲桌面,無需下載

在分屏視頻中,您的授課教師會為您提供分步指導

講師

審閱

來自WEB APPLICATION SECURITY TESTING WITH OWASP ZAP的熱門評論

查看所有評論

常見問題

常見問題

  • 購買指導項目後,您將獲得完成指導項目所需的一切,包括通過Web 瀏覽器訪問云桌面工作空間,工作空間中包含您需要了解的文件和軟件,以及特定領域的專家提供的分步視頻說明。

  • 由於您的工作空間包含適合筆記本電腦或台式計算機使用的雲桌面,因此指導項目不在移動設備上提供。

  • 指導項目講師是特定領域的專家,他們在項目的技能、工具或領域方面經驗豐富,並且熱衷於分享自己的知識以影響全球數百萬的學生。

  • 您可以從指導項目中下載並保留您創建的任何文件。為此,您可以在訪問云桌面時使用‘文件瀏覽器’功能。

  • 指導項目不符合退款條件。 請查看我們完整的退款政策

  • 指導項目不提供助學金。

  • 指導項目不支持旁聽。

  • 您可在頁面頂部點按此指導項目的經驗級別,查看任何知識先決條件。對於指導項目的每個級別,您的講師會逐步為您提供指導。

  • 是,您可以在瀏覽器的雲桌面中獲得完成指導項目所需的一切。

  • 您可以直接在瀏覽器中於分屏環境下完成任務,以此從做中學。在屏幕的左側,您將在工作空間中完成任務。在屏幕的右側,您將看到有講師逐步指導您完成項目。

還有其他問題嗎?請訪問 學生幫助中心