Automate Web Application Scans with OWASP ZAP and Python

Focused View

Mike Woolard

1:08:37

21 View

01. Course Overview

01. Course Overview.mp4

01:43

02. Preparing the Environment for a Scan

02. Knowledge and Tool Requirements.mp4

05:28

03. ZAP Session Context.mp4

06:21

04. ZAP Context Authentication.mp4

03:45

05. SQL Table Setup.mp4

01:40

06. Python Libraries.mp4

01:07

07. Summary.mp4

00:49

03. Scheduling System Scan

08. Logging.mp4

02:56

09. Scheduled States.mp4

00:59

10. Retrieving Scheduled Scans from a Database.mp4

04:33

11. Date Time Comparison Checks.mp4

02:54

12. Scheduling with Task Manager or Cron.mp4

06:36

13. Summary.mp4

00:50

04. Actuating a Scan

14. The Zap API.mp4

03:15

15. Loading the Session File.mp4

02:46

16. Clear Previous Results.mp4

01:39

17. Starting an Authenticated Spider.mp4

01:22

18. Checking the Status of the Spider.mp4

01:51

19. Starting an Active Scan.mp4

01:58

20. Checking the Status of an Active Scan.mp4

01:41

21. Summary.mp4

00:35

05. Processing Scan Results

22. Generating a Report.mp4

03:40

23. Script Logic.mp4

06:02

24. Putting It All Together for a Test.mp4

03:05

25. Summary.mp4

01:02

Description

This course introduces individuals to the ZAP API and teaches you how it can be used in conjunction with python to set up automated scanning of web applications.

What You'll Learn?

Web application security assessments have always been performed by a specific group with knowledge and training on using specialized tools to perform the scan. In this course, Automated Web Application Scans with OWASP ZAP and Python, you’ll learn to how to automate this function so anyone in the business can scan and report on the health of an application. First, you’ll explore the ZAP API. Next, you’ll discover how to automate the calls to it with Python. Finally, you’ll learn how to retrieve reports back from the scan. When you’re finished with this course, you’ll have the skills and knowledge of using the ZAP API along with some Python scripting needed to automate a scan of the applications your business builds.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Python

Web App Development

Cyber Security

Network Security

Information Security

Mike Woolard

Instructor's Courses

Mike is an information security manager who has worked in the IT and Information Security fields for 22+ years. A broad background from helpdesk to sysadmin, system engineer, networking, DB and development work. Most of Mike's work now centers around pentests and risk assessments, but an integral part will always be awareness training. An active member in various local security groups, Mike volunteers, speaks, or attends various information security cons.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.