What this book covers
Chapter 1, Getting Started with OWASP Zed Attack Proxy, introduces you to ZAP, its maintenance within the OWASP organization, its purpose in penetration testing, and how to install and configure it on various platforms, set up a basic lab environment, and use it for testing.
Chapter 2, Navigating the UI, explains how to locate and use various windows, tools, and features in ZAP for penetration testing, such as setting a target, manually exploring an application, modifying responses, and testing specific parameters with payloads.
Chapter 3, Configuring, Crawling, Scanning, and Reporting, teaches you how to configure and use the crawling, scanning, and reporting features of ZAP, understand how these sections work, set up project settings to assess an application, and customize the user options for a personalized experience.
Chapter 4, Authentication and Authorization Testing, shows you how to test and bypass authentication and authorization mechanisms, including intercepting and reusing credentials, bypassing authentication, testing for default credentials, exploiting directory traversal attacks, escalating privileges, and testing for insecure direct object references.
Chapter 5, Testing of Session Management, teaches you how to manipulate the mechanism that controls and maintains the state for a user interacting with an application, covering topics such as testing cookie attributes, cross-site request forgery, exploiting logout functionality, and session hijacking.
Chapter 6, Validating (Data) Inputs – Part 1, explores the most common types of web application security weaknesses, such as cross-site scripting, HTTP verb tampering, HTTP parameter pollution, and SQL injection, and how to exploit them using ZAP.
Chapter 7, Validating (Data) Inputs – Part 2, discusses the advanced types of web application injection attacks, such as code injection, command injection, server-side template injection, and server-side request forgery, and how to exploit them using ZAP.
Chapter 8, Business Logic Testing, delves into unconventional methods for testing business logic flaws in a multifunctional dynamic web application, including forging requests, testing process timing, testing functionality limits, the circumvention of workflows, and uploading unexpected file types with malicious payloads.
Chapter 9, Client-Side Testing, covers client-side testing and the attack scenarios that come up against it, such as DOM cross-site scripting, JavaScript execution, HTML injection, URL redirect attacks, cross-origin resource sharing vulnerabilities, and the exploitation of web sockets.
Chapter 10, Advanced Attack Techniques, explores several additional advanced attacks, such as performing XXE, the exploitation of JSON Web Tokens (JWT), Java deserialization, and web-cache poisoning.
Chapter 11, Advanced Adventures with ZAP, teaches you about other features and functionalities that ZAP has, such as running dynamic scans via the local API, running ZAP as a dynamic scan in a CI pipeline, and integrating and using the built-in OWASP application security out-of-band server for testing.