Tag: Tutorial

ZAP Session Database

Posted 229 Words
ZAP stores its session data in an HSQLDB file database. There is also experimental support for other database engines. Connecting to a Session Database Since ZAP locks its session file, it is only possible to view or modify the database when ZAP doesn’t have the session open. Session files are usually stored under session/ in the default directory.

Building ZAP with IntelliJ IDEA

Posted 703 Words
This guide explains how to make changes to ZAP using IntelliJ IDEA. Preparation You will need to have followed the Quick Start Guide to Building ZAP and installed a version of IntelliJ IDEA. Gradle Resources Working with ZAP in IntelliJ IDEA may need a bit more Java resources for the Gradle actions.

Creating a New Add-on in zap-extensions

Posted 650 Words
ZAP has a plugin architecture and new functionality is implemented via add-ons. Add-ons can be defined in any repository but most of the ones that the ZAP core team maintains live in zap-extensions. You should use this repository if you are planning on contributing your add-on to the ZAP project, but please talk to the ZAP Core team about this first via the ZAP Developer Group.

Building ZAP with Eclipse

Posted 564 Words
If you want to make changes to ZAP using the Eclipse IDE then you are in the right place. Preparation You will need to have followed the Quick Start Guide to Building ZAP and installed a version of Eclipse suitable for Java development. We would suggest the “Eclipse IDE for Java Developers” package.

A Quick Start Guide to Building ZAP

Posted 924 Words
Ever wanted to experiment with the ZAP codebase but felt intimidated by it? This guide will walk you through the process of building ZAP from the command line regardless of your operating system or IDE. You can also follow along with Simon Bennetts as he sets the ZAP development environment in this Deep Dive video:

Getting Started

Posted 2910 Words
Overview This guide is intended to serve as a basic introduction for using ZAP to perform security testing, even if you don’t have a background in security testing. To that end, some security testing concepts and terminology is included but this document is not intended to be a comprehensive guide to either ZAP or security testing.