Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Twelve Days of ZAPmas - Day 5 - Scope and Contexts
Normally I don’t like having my interception proxy hide out-of-scope traffic. Doing so creates a blind spot for third-party interactions that might be important to see. For example, if I’m feeding attack payloads into a form field, and they’re being sent to an out-of-scope service, I might ...Learn more