mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2024-12-18 19:06:08 +00:00
adding web application testing references
Adding how to integrate ZAP with Jenkins and automate web application testing assessments
This commit is contained in:
parent
d73be78382
commit
835c2203cc
19
web_application_testing/README.md
Normal file
19
web_application_testing/README.md
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
# Web Application Testing References
|
||||||
|
|
||||||
|
|
||||||
|
## Vulnerable Servers
|
||||||
|
There are a series of vulnerable web applications that you can use to practice your skills in a safe environment. You can get more information about them in the [vulnerable_servers directory in this repository](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers).
|
||||||
|
|
||||||
|
## A Few Popular Tools
|
||||||
|
The following are a few popular tools that you learned in the video courses part of these series:
|
||||||
|
* [Burp Suite](https://portswigger.net/burp)
|
||||||
|
* [OWASP Zed Attack Proxy (ZAP)](https://github.com/zaproxy/zaproxy)
|
||||||
|
* [sqlmap](http://sqlmap.org/)
|
||||||
|
* [Paros Proxy](http://sectools.org/tool/paros/)
|
||||||
|
* [httrack](https://www.httrack.com/)
|
||||||
|
* [skipfish](https://code.google.com/archive/p/skipfish/)
|
||||||
|
|
||||||
|
## How to Integrate OWASP ZAP with Jenkins
|
||||||
|
You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin).
|
||||||
|
|
||||||
|
[This video](https://www.youtube.com/watch?v=mmHZLSffCUg) provides an overview of how to integrate
|
Loading…
Reference in New Issue
Block a user