Scan website using ZAP

From Notes_Wiki
Revision as of 14:25, 11 July 2021 by Saurabh (talk | contribs) (Created page with "<yambe:breadcrumb self="Scan website using ZAP">Website Penetration Testing using Kali|Website Penetration Testing</yambe:breadcrumb> =Scan website using ZAP= ZAP scans websi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

<yambe:breadcrumb self="Scan website using ZAP">Website Penetration Testing using Kali|Website Penetration Testing</yambe:breadcrumb>

Scan website using ZAP

ZAP scans website after crawling other links and checks each page for vulnerability. To Scan website using ZAP use:

  1. Boot Kali Linux and login into GUI
  2. Go to "Web Application Analysis" -> "Zap" menu
  3. After starting Zap choose "No I do not want to persist this session" option
  4. Go to "Quick start" -> "Automated scan"
  5. Enter the URL and start attack
  6. After a while stop scan
  7. Go to File -> Persistent session. If there are any active tasks you might get warning whether to cancel them or not.
    Optionally save the session with desired name for future
  8. If there are no active tasks left, Go to Report -> "Generate HTML Report" to get useful scan report as part of scan


Refer: