Thursday, August 20, 2015

HOWTO : ZAP on Ubuntu 14.04 LTS

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.


sudo apt-get install default-jre unzip

cd ~
mkdir arsenal
cd arsenal

cd ZAP_D-2015-08-12

* as example.
* ZAP Team generate weekly releases of ZAP from the trunk, typically every Monday.
These are just intended for people who want to use all of the features we've added since the last 'full' release but dont want the hassle of building ZAP from the source code.
While we endeavor to ensure that weekly releases are robust, things may be broken or only partially implemented.


sudo apt-get update
sudo apt-get dist-upgrade

cd ~/arsenal/

Go to Download to download ZAP Weekly and repeat the procedure of "Install" previously mentioned.




That's all! See you.