By using the AJAX Spider plugin, we can discover the pages and dynamic-built links of a targeted web application, whose results can be later used by ZAP to find its vulnerabilities.To set up the plugin, you have to perform the three following steps:
- Download the last release of ZAP from the zaproxy downloads tab. It is required ZAP>=1.4.1.
- Download the AJAX Spider plugin from the zap-extensions site.
- Put the extension in the plugin folder of ZAP.
There are some parameters that you might want to configure before running it regarding the local proxy that ZAP creates to communicate with the crawljax instance, and regarding the crawling process:
- In the local proxy options[1], you can configure its port an IP address.
- In the crawler options[2], you can choose the web browser to be used by the plugin, the number of threads and the browser windows to open. You can also activate the "scan in depth option", which slows down a bit the process but improves its final results.
When the process is started, a set of windows will be opened and the results will appear in the Sites tab[1] and also in the Spider Tab[2] where the found URLs can be clicked and the HTTP request and response will appear in [3].
I made a brief video that shows how to crawl a site and later use the generated web tree to find vulnerabilities in the targeted web application by using ZAP.
The plugin is still in alpha phase, if you have any comment, suggestion or question do no hesitate to contact me or to open a thread in the ZAP users' group.
Are there any plans to provide support for Safari Browsers .
ReplyDelete@Anonymous: not in the near future. However, if you happen not to have chrome or firefox available, you can still use the htmlunit browser, which comes with the spider package.
ReplyDelete