Introduction to OWASP ZAP - Write-up - TryHackMe

Information

Room#

  • Name: Introduction to OWASP ZAP
  • Profile: tryhackme.com
  • Difficulty: Easy
  • Description: Learn how to use OWASP ZAP from the ground up. An alternative to BurpSuite.

Introduction to OWASP ZAP

Write-up

Overview#

Install tools used in this WU on BlackArch Linux:

pikaur -S zaproxy

[Task 1] Intro to ZAP#

What does ZAP stand for?

Answer: Zed Attack Proxy

In the description or official page.

[Task 5] Manual Scanning#

What IP do we use for the proxy?

Answer: 127.0.0.1

Local address.

[Task 8] Bruteforce Web Login#

Use ZAP to bruteforce the DVWA 'brute-force' page. What's the password?

Answer: password

Share