Owasp Zed Attack Proxy: Zap, est un projet phare de l’organisation OWASP. Ce scanner de vulnérabilité a été imaginé pour s’adapter à votre contexte professionnel, que vous soyez auditeur, testeur fonctionnel ou développeur, Zap vous assistera pour automatiser vos scans et répondra aux particularités de votre application.
La session se divise en deux parties, un fast talk et un workshop pour explorer les features avec un focus sur les celles apportées par la prochaine release.
Hack Zone : The Hack Zone event is a scientific event which deals with computer security and encloses the theoretical to the practical in order to meet the knowledge and good security practices in the IT world.
Throughout this 24-hour event, participants will be able to learn about computer security during conferences, discuss and ask questions during the workshops and practice during the challenge which will last 14 hours.This year, in its second edition, this event became national in scope and almost all security clubs in Tunisia have registered, even computer security experts will attend and share with us some of their knowledge.
Release description:This release includes the following significant changes:
Fuzzing: Strings in a response can now be fuzzed to try to find vulnerabilities. Anti CRSF tokens can be detected and automatically regenerated when fuzzing. This functionality is based on code from the OWASP JBroFuzz project.
Dynamic SSL certificates: The support for SSL connections was improved and simplified. User's can now create their own root certificate and distribute this into their HTTP clients.
Daemon mode: Starting ZAP with the "-daemon" command line option will cause it to run in the background in 'headless' mode, meaning that no UI is displayed.
API: An initial API has been implemented in XML, JSON and HTML.
Beanshell integration: The BeanShell is an interactive Java shell that can be used to execute BeanShell scripts. BeanShell integration in OWASP ZAP enables you to write scripts using the ZAP functions and data set.
Full internationalisation: All displayed strings are now fully internationalised.
Localisation: Out of the box support for the following languages: English, Brazilian Portuguese, Chinese, French, German, Greek, Indonesian, Japanese, Polish, Spanish