Video on YouTube

Setup Zap Proxy

• Install Java which is a pre-requisite - https://www.oracle.com/java/technologies/downloads/#jdk19-windows

• Selected Java 19 for Windows and the x64 Installer. Installed with all the defaults. This is also the Java Development Kit versus the Java Runtime.

  

• Zap Proxy Website

• Click the Download Now button

  

• Download the Windows (64) Installer - ZAP_2_12_0_windows.exe

  

• Continued standard installation

  

OWASP ZAP scanning

• Open tool and select Automated Scan

  

• Enter URL to attack (try DVWA) - http://dvwa.kimchimenow.com:8001. Select Use ajax spider. Click the Attack button.

  

• After scanning can see the various vulnerabilities found