Pen-testing tools


Proxies

OWASP Zed Attack Proxy Project (ZAP)

A powerful tool that can, for example, easily intercept HTTPS requests and mount MITM attacks.

On Firefox, install the Plug-n-Hack plugin (go to http://localhost:8080/pnh/). Control the plugin and ZAP via the Firefox Developer Toolbar (Shift+F2), for example:

  help pnh
  help zap

Troubleshooting

  • On Ubuntu, disable the network proxy in the GNOME settings. It seems to interfere with ZAP.