Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Testing,
open source,
web penetration testing,
OWASP,
mobile application,
web application security,
API
ZAPmas Feedback
Sometimes Christmas comes early, and in this case for me it was the publication of the Twelve Days of ZAPmas blog posts by Mic Whitehorn-Gillam. If you have not read them yet then please do - they are a great introduction to ZAP and provide what I think is a very fair and balanced comparison to ...
Learn more
Never miss a Professionally Evil update!

Twelve Days of ZAPmas - Day 10 - Manual Web App Testing Unproxied
Most of the time, proxying the browser doesn’t present any sort of trouble. You should be able to ...
Learn more

Twelve Days of ZAPmas - Day 8 - Spidering
Spidering is an automated process that recursively finds and follows all the navigation from an ...
Learn more

Twelve Days of ZAPmas - Day 5 - Scope and Contexts
Normally I don’t like having my interception proxy hide out-of-scope traffic. Doing so creates a ...
Learn more