In this article I will refer to a number of add-ons that I think may help enrich vulnerability discovery and also give a clearer understanding of the system under test.
First of all, what is OWASP ZAP?
ZAP is a well-known open source automated pen testing tool, created and maintained by the OWASP community. Pen testing with it is mostly at the application level, but you can extend the testing to cover things like open ports, as an example.
I will list some add-ons that enrich the testing capabilities; you may find them useful.
1. Wappalyzer – Technology Detection
This add-on can gather information about the technology used by the system, such as the application server, the frameworks in use, the hosting service and also the operating system.
As shown above, this add-on gives you an overview of the technologies used on the system under test.
2. Port Scanner
This add-on can gather information about the open ports on the destination application/web server; this helps you close all unnecessary ports and reduce the exposure to attacks.
3. FuzzDB Files
In ZAP you have the ability to fuzz a parameter; by fuzzing I mean replacing a parameter value with lots of patterns to test for things like SQL Injection, XSS, OS command injection and more, patterns that help you discover more vulnerabilities.
FuzzDB files provide you with lots of patterns, categorized by test type, as in the following screenshots.
In the following example, I used the FuzzDB XSS patterns to exploit a vulnerable search field, and here are the results.
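To make the idea behind parameter fuzzing concrete, here is an added example (not code from the post, from ZAP or from FuzzDB): a minimal fuzzing loop that swaps one query parameter's value for each pattern in a small constructed list, sends it to a toy search handler, and flags the patterns whose metacharacters come back reflected without HTML encoding. The two handlers (`vulnerable_search`, which reflects the value raw, and `hardened_search`, which escapes it) and the pattern list are hypothetical stand-ins for the search field and the FuzzDB XSS category mentioned above; ZAP's own fuzzer does the request sending and result marking for you, this only shows the judgement behind it.

```python
import html
from urllib.parse import parse_qs, urlencode

# Characters whose unencoded reflection into HTML is what an XSS fuzz run looks for.
META = set('<>"\'')

# Constructed pattern list in the spirit of a FuzzDB XSS category (hypothetical).
PATTERNS = [
    'fz<>"\'',       # bare metacharacters with a marker to spot in the response
    '<b>fz</b>',     # a harmless tag pair
    '"fz"',          # double quotes only (matters inside attributes)
]


def vulnerable_search(query_string: str) -> str:
    """Toy search page (hypothetical) that reflects ?q= into HTML unencoded."""
    q = parse_qs(query_string).get("q", [""])[0]
    return f"<h1>Results for {q}</h1>"


def hardened_search(query_string: str) -> str:
    """Same page with the value HTML-escaped (quotes included) before reflection."""
    q = parse_qs(query_string).get("q", [""])[0]
    return f"<h1>Results for {html.escape(q, quote=True)}</h1>"


def reflected_unencoded(pattern: str, body: str) -> bool:
    """True when a pattern that carries HTML metacharacters appears verbatim in the body.

    A pattern without metacharacters (e.g. a plain word) is ignored: reflecting
    ordinary text is normal behaviour for a search page, not a finding.
    """
    return bool(META & set(pattern)) and pattern in body


def fuzz_parameter(handler, param: str, base_params: dict, patterns) -> list:
    """Replace `param` with each pattern, keep other parameters fixed, return the patterns flagged."""
    findings = []
    for pattern in patterns:
        params = dict(base_params)
        params[param] = pattern
        body = handler(urlencode(params))  # urlencode/parse_qs mimic the HTTP round trip
        if reflected_unencoded(pattern, body):
            findings.append(pattern)
    return findings


if __name__ == "__main__":
    base = {"q": "shoes", "page": "1"}  # constructed baseline request
    for name, handler in (("vulnerable", vulnerable_search), ("hardened", hardened_search)):
        flagged = fuzz_parameter(handler, "q", base, PATTERNS)
        print(f"{name}: {len(flagged)} of {len(PATTERNS)} patterns reflected unencoded -> {flagged}")
```

Running it reports all three patterns against the vulnerable handler and none against the hardened one; the `html.escape(..., quote=True)` call is the fix the fuzz results point you toward, since escaping only `<` and `>` would still leave the `"fz"` pattern flagged inside an attribute context.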
That’s it for today 🙂, hope you find it useful.
Please share your tips, experience, comments, and questions for further enriching this topic of discussion.