Mh07
Reputation: 33
ZEST script authentication using OWASP ZAP
I m trying to understand how to record login using ZEST script. Once recording the steps, how to reuse it? I tried multiple times but I'm not able to get the right way of doing it.
Upvotes: 1
Views: 5606
Answers (1)
Simon Bennetts
Reputation: 6186
You need to
- Define a context
- Set the Authentication mechanism to scripts
- Select your Zest script
- Set relevant Logged In/Out Indicators
- Add a valid user and password
- Test it all :)
The following FAQ is for configuring form based auth, but is still mostly relevant for scipts, esp the trouble shooting section: https://github.com/zaproxy/zaproxy/wiki/FAQformauth
If you're still having problems then the ZAP User Group is probably a better forum for getting support: https://groups.google.com/group/zaproxy-users
This article may also be of assistance: Scripting Authenticated Login within ZAP Vulnerability Scanner
Upvotes: 2
Related Questions
- How to login and scan with OWASP Zap
- OWASP ZAP, how to authenticate using Form-based Auth Login context and POST request
- Get Exception in thread "main" org.zaproxy.clientapi.core.ClientApiException: Does Not Exist on running form ans script authentication using zap api
- Basic Authorization in OWASP ZAP
- Adding authentication in ZAP tool to attack a URL
- OWASP ZAP Authentication - can't stop it using zap/zap
- ZAP API session authentication
- ZAP Ajax spider authentication not working using ZEST
- ZAP Authentication using API calls
- How to perform authentication with ZAP and HTTP 302