Zest ZAP Replay Quick Guide

dscarson edited this page Aug 16, 2014 · 1 revision
  • Creating Zest script

       From a single transaction:
       -Go to transaction_log.
       -Select a transaction (by clicking 'View').
       -Click 'Create a Zest Script' Button.
       -Enter the name of the script.
       -Click 'Generate'.
       -A Zest script will be created in /owtf_output_dir/targets/http://example.com/zest/

       From multiple transactions:
       -Go to transaction_log.
       -Click 'Create a Zest Script' Button.
       -Select the transactions.
       -Enter the name of the script.
       -Click 'Generate'.
       -A Zest script will be created in /owtf_output_dir/targets/http://example.com/zest/

  • Recording Zest script

       -Go to transaction_log.
       -Click 'Zest Script Console'.
       -Click 'Record a script' Button.
       -Enter the name of the script.
       -Browse the web using OWTF MiTM proxy.
       -Click 'Stop Recording'.
       -A Zest script will be created in /owtf_output_dir/misc/recorded_scripts/

  • Running a Zest script

       -Go to transaction_log.
       -Click 'Zest Script Console'.
       -Select a Zest script from the side-bar.
       -Click 'Run the Zest Script' Button.
       -The output of the script is shown in that window.

  • Replaying an HTTP request

       -Go to transaction_log.
       -Select a transaction (by clicking 'View').
       -Click Replay.
       -An HTTP console shows up where you can edit the request.
       -Click Send.
       -You will get output under the response tab.

  • Forwarding request to ZAP

       -Go to transaction_log.
       -Select a transaction (by clicking 'View').
       -Click Forward (make sure the ZAP proxy is listening on the port configured in framework_config).
       -The request shows up in ZAP with its response (by sending it again).