A breakpoint allows you to intercept a request from your browser and to change it before
is is submitted to the web application you are testing.
You can also change the responses received from the application
It is an essential penetration testing technique.
You can set a ‘global’ breakpoint on requests or responses using the buttons on the
top level toolbar.
All requests or responses will then be intercepted by ZAP allowing you to change anything before allowing the request or response to continue.
You can also set breakpoints on specific criteria using the “Break…” right click menu on the
Sites and History tabs
and the ‘Add a custom HTTP breakpoint’ button on the top level toolbar.
Only requests and responses which match those criteria will be intercepted by ZAP.
Custom breakpoints are shown in the Breakpoints tab
Breakpoint option are configured using the Options Breakpoints screen.
|UI Overview||for an overview of the user interface|
|Features||provided by the UI|