Writing Custom Scripts for OWASP Zed Attack Proxy
Do you want to automate your web security activities? Learn to write custom scripts with OWASP ZAP to detect and guard against application-specific vulnerabilities while building security into the software.
Software delivery is becoming faster than ever, and security is always trying to catch up with DevOps. Automated tools have proven to aid with rapid identification of security bugs, but it gets challenging when automated assessments aren’t customized to an application’s context. In this course, Writing Custom Scripts for OWASP Zed Attack Proxy, you will gain the ability to extend your dynamic application security assessments through the power of custom scripts. First, you will learn the various extension points in OWASP ZAP through the supported scripting types and scripting languages. Next, you will discover how to tackle some of the everyday challenges, from effectively communicating security bugs to scripting complicated authentications for automated vulnerability assessments. Finally, you will explore how to identify common vulnerabilities specific to your application’s context and guard against those vulnerabilities coming up again. When you are finished with this course, you will have the skills and knowledge of writing custom security scripts needed to incorporate essential DevSecOps activities.
Author Name: Marudhamaran Gunasekaran
Author Description:
Marudhamaran Gunasekaran is a Security Consultant and a DevSecOps Lead with DevOn, part of The Waada, Prowareness Group. He plays various roles at work including but not limited to Security Coach, Trainer, Agile Coach, and Compliance Manager. Maran takes joy in staying abreast of security advancements, contributing to the open source community (most recently to OWASP projects), and evangelizing security among DevOps professionals as an Ambassador for the DevOps Institute. Some of …
Table of Contents
- Course Overview (1min)
- Preparing the OWASP ZAP Scripting Environment (21mins)
- Tampering the Requests and Responses with Proxy Scripts (23mins)
- Identifying Contextual and Custom Vulnerabilities through Scanner Scripts (36mins)
- Scripting Complicated Authentication Scenarios (28mins)
- Generating Custom Payloads for Fuzzing Operations (23mins)
- Regressing Security Vulnerabilities with Standalone Scripts (34mins)
- Wrap up and Summary (6mins)