Formerly, ZAP was owned and maintained by OWASP. It has since become part of the Software Security Project.
ZAP Funding and the Open Source Fellowship
If the Java Runtime Environment (JRE) is not already installed, download it from https://www.java.com/en/download/. If Maltego is already installed, then a JRE is already available. See the Maltego Java Config Windows desktop application for the location of the JRE used by Maltego.
Download the Windows 64-bit OWASP ZAP installer at https://www.zaproxy.org/download/.
Open Chrome or your preferred browser.
Add the FoxyProxy Basic browser add-in for Chrome or your preferred browser.
Launch FoxyProxy Basic.
Select Options.
Add a proxy with the following settings and click Save.
Setting | Value | Description |
---|---|---|
Title | ZAP | Name of the proxy |
Hostname | 127.0.0.1 | Local host |
Port | 8081 | Proxy for ZAP |
Chrome bypasses the proxy when navigating to localhost. To avoid this, navigate to the Options tab, add <-loopback> to the Global Exclude text box, and click Save.
Enable the ZAP Proxy. Browsing any non-local site will result in a “No Internet” connection error until ZAP is started and configured for port 8081. Select Disable when done with ZAP.
Open ZAP and navigate to Tools | Options. In the list of options, select Network | Local Servers/Proxies. Change the port to 8081.
Navigate to Network | Server Certificates. Click View.
Click Install Certificate.
Leave Current User selected and click Next.
Select Place all certificates in the following store, click Browse and select the Trusted Certificate Authorities store. Click Next.
Click Finish. The browser using FoxyProxy may need to be restarted for the certificate to take effect.
Navigate to http://zap/ on the configured browser. This documentation page is a launching point into tutorials and background about the tool.
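A check of the finished setup, as an added example that is not part of the original page: it confirms the listener on port 8081, requests http://zap/ through the proxy, and lists the ZAP root CAs the current user trusts. The certificate subject pattern is an assumption; replace it with the subject shown in ZAP's View dialog.

```powershell
# Added example: verifies the proxy and certificate steps above.
# Run in PowerShell as the same Windows user that installed the certificate.
$ProxyPort      = 8081                          # port from the settings table
$SubjectPattern = '*Zed Attack Proxy Root CA*'  # assumption: match the subject shown in ZAP

# 1. Is something listening on the proxy port, and on which address?
$listeners = @(Get-NetTCPConnection -LocalPort $ProxyPort -State Listen -ErrorAction SilentlyContinue)
if ($listeners.Count -eq 0) {
    Write-Warning "Nothing is listening on port $ProxyPort. Start ZAP and check Network | Local Servers/Proxies."
}
foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    "Listener {0}:{1} owned by {2} (PID {3})" -f $l.LocalAddress, $l.LocalPort, $proc.ProcessName, $l.OwningProcess
    if ($l.LocalAddress -in '0.0.0.0', '::') {
        Write-Warning "Proxy is bound to all interfaces; other hosts on the network can use it. Bind it to 127.0.0.1."
    }
}

# 2. Does the proxy answer as ZAP? http://zap/ only resolves when traffic goes through ZAP.
try {
    $r = Invoke-WebRequest -Uri 'http://zap/' -Proxy "http://127.0.0.1:$ProxyPort" -UseBasicParsing -TimeoutSec 10
    "http://zap/ via proxy returned HTTP $($r.StatusCode)"
} catch {
    Write-Warning "http://zap/ not reachable through 127.0.0.1:${ProxyPort}: $($_.Exception.Message)"
}

# 3. Which ZAP root CAs does the current user trust?
$roots = @(Get-ChildItem Cert:\CurrentUser\Root | Where-Object { $_.Subject -like $SubjectPattern })
$roots | Select-Object Subject, Thumbprint, NotBefore, NotAfter | Format-List
switch ($roots.Count) {
    0       { Write-Warning 'No ZAP root CA in the current user store; HTTPS sites will show certificate errors.' }
    1       { 'One ZAP root CA trusted. Compare its thumbprint with the certificate under Network | Server Certificates.' }
    default { Write-Warning 'More than one ZAP root CA trusted. Remove those that do not match the current ZAP installation.' }
}
```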
In ZAP, select Manage Add-Ons in the tool bar.
Navigate to the Marketplace tab. Select and install the following Add-Ons: