Information
Room#
- Name: Introduction to OWASP ZAP
- Profile: tryhackme.com
- Difficulty: Easy
- Description: Learn how to use OWASP ZAP from the ground up. An alternative to BurpSuite.
Write-up
Overview#
Install tools used in this WU on BlackArch Linux:
pikaur -S zaproxy[Task 1] Intro to ZAP#
What does ZAP stand for?
Answer: Zed Attack Proxy
In the description or official page.
[Task 5] Manual Scanning#
What IP do we use for the proxy?
Answer: 127.0.0.1
Local address.
[Task 8] Bruteforce Web Login#
Use ZAP to bruteforce the DVWA 'brute-force' page. What's the password?
Answer: password