Scan website using ZAP

From Notes_Wiki

Home > CentOS > Kali Linux > Website Penetration Testing > Scan website using ZAP

ZAP scans website after crawling other links and checks each page for vulnerability. To Scan website using ZAP use:

  1. Boot Kali Linux and login into GUI
  2. Go to "Web Application Analysis" -> "Zap" menu
  3. After starting Zap choose "No I do not want to persist this session" option
  4. Go to "Quick start" -> "Automated scan"
  5. Enter the URL and start attack
  6. After a while stop scan
  7. Go to File -> Persistent session. If there are any active tasks you might get warning whether to cancel them or not.
    Optionally save the session with desired name for future
  8. If there are no active tasks left, Go to Report -> "Generate HTML Report" to get useful scan report as part of scan


Refer:




Home > CentOS > Kali Linux > Website Penetration Testing > Scan website using ZAP