Projects/OWASP Zed Attack Proxy Project/Pages/Talks

Upcoming Talks/Training:

2014 October 16: Skills Matter eXchange, London: Bill Matthews: Security Testing with OWASP ZAP: from zero to hero

More and more Security Testing is becoming part of the tester’s role and so we need to equip ourselves with the knowledge and tools to take on this challenge.

A good tool for beginners and experienced security testers is the OWASP ZAP tool (voted best security tool 2013 by toolswatch.org) so in this session we will be using the OWASP ZAP tool to conduct a security test against a deliberately vulnerable web application through a series of guided exercises that will take you from knowing little or nothing about ZAP or security testing and give you a grounding in using ZAP for Security Testing that is beyond the majority of other ZAP users.

2014 October 16-17: Black Hat Arsenal, Amsterdam: Zakaria Rachid: OWASP ZAP

The Zed Attack Proxy (ZAP) is currently the most active open source web application security tool and competes effectively with commercial tools.

While it is an ideal tool for people new to appsec, it also has many features specifically intended for advanced penetration testing.

Zack will give a quick introduction to ZAP and then dive into the more advanced features, presenting some useful scripts as well as giving an overview of where its heading.