Pen-testing tools

From miki

Jump to navigation Jump to search

Proxies

OWASP Zed Attack Proxy Project (ZAP)

Powerful tool that can e.g. easily intercept HTTPS queries and mount MITM attacks.

On Firefox, install Plug-n-Hack plugin (go to http://localhost:8080/pnh/). Control the plugin / ZAP via Firefox Developer Toolbar (Shift+F2)

help pnh
help zap

Troubleshooting

On Ubuntu, disable the network proxy in gnome settings. It seems to interfere with ZAP.

Retrieved from "https://miki.immie.org/mediawiki/index.php?title=Pen-testing_tools&oldid=5861"