Penetration Testing with OWASP ZAP, Part 4 of 5: Authentication

Course description

OWASP ZAP is an open-source web application security scanner. This course covers how to insert breakpoints, Authentication and Session Management as well as Forced Browsing.

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites

none

Meet the expert

Atul Tiwari

Atul has been involved in information security,  IT auditing, and  penetration testing web apps in the field of information security training for over 8 years.

Video Runtime

80 Minutes

Time to complete

100 Minutes

Course Outline

Breakpoints and Authentication

Breakpoints and Requester (24:24)

• Introduction (00:08)
• Break points and Requestor (15:21)
• Setting breakpoints on GET request OWASP ZAP (08:47)
• Summary (00:08)

Authentication and Session Management (25:39)

• Introduction (00:08)
• Authentication and Session Management in ZAP (11:31)
• Login Parameter (13:51)
• Summary (00:08)

Forced Browsing Dirs and Files (30:05)

• Introduction (00:08)
• Forced browsing DIRs and Files using ZAP (12:22)
• HUD mode (17:27)
• Summary (00:08)