OWASP-ZAP use | INCIBE-CERT

When auditing a web service, we need tools that allow us to inspect and manipulate the HTTP/HTTPS traffic exchanged between the browser and the web server in order to identify potential vulnerabilities. This seminar is an introduction to HTTP/HTTPS traffic analysis with the OWASP ZAP tool, with the aim of giving basic guidelines to those users interested in using this tool.

Documents:

Associated exercise