-
-
Notifications
You must be signed in to change notification settings - Fork 135
HelpUiTabsSearch
The Search tab allows you to search for regular expressions in all of the URLs, requests, responses, headers and in other functionalities provided by add-ons.
Enter the regular expression you would like to search for in the search box and either press return or click on the search button:
A pull down allows you to choose whether to search across the URLs, the requests, the responses or everything.
All URLs, requests or responses which contain the search pattern will be displayed in the tab. You may find it useful to add .* to your search term - this will give you more context e.g. password.*
You can use the Next and Previous buttons to view found search terms in the Request and Response tabs.
You can also go directly to a specific instance by clicking on the relevant line in the results list.
Right clicking on a node will bring up a menu which will allow you to:
The Attack menu has the following submenus:
This will launch the Active Scan dialog which allows you to initiate an active scan with the starting point set to the request you selected.
This will launch the Spider dialog which allows you to initiate the spider with the starting point set to the request you selected.
This menu allows you to include the selected nodes and all of their subordinates in the specified context. You also have the option to create a new context. The Session Contexts dialog will be displayed to allow you to make any additional changes.
This menu allows you to exclude the selected nodes and all of their subordinates from the specified context. The Session Contexts dialog will be displayed to allow you to make any additional changes.
This menu has the following submenus for each of the contexts you have defined:
This identifies the specified node as a login request for the specified context. You may only have one node identified as such in any one context. The Session Context Authentication screen will be displayed to allow you to make any additional changes.
This identifies the specified node as a login request for the specified context. You may only have one node identified as such in any one context. The Session Context Authentication screen will be displayed to allow you to make any additional changes.
This identifies the specified node as Data driven content for the specified context. The Session Context Structure screen will be displayed to allow you to make any additional changes.
This menu has the following submenus:
This will exclude the selected nodes from the proxy. They will still be proxied via ZAP but will not be shown in any of the tabs. This can be used to ignore URLs that you know are not relevant to the system you are currently testing. The nodes can be included again via the Session Properties dialog
This will prevent the selected nodes from being actively scanned. The nodes can be included again via the Session Properties dialog
This will prevent the selected nodes from being spidered. The nodes can be included again via the Session Properties dialog
This will bring up the Manual Request Editor dialog which allows you to resend the request after making any changes to it that you want to.
This will bring up the Add Alert dialog which allows you to manually record a new alert against this request.
This will show the selected node in the History tab.
This will show the selected message in the Sites tab.
This will open the URL of the selected node in your default browser.
UI Overview | for an overview of the user interface |
-
ZAP User Guide
- Introduction
-
Getting Started
- Configuring proxies
-
Features
- Active Scan
- Add-ons
- Alerts
- Anti CSRF Tokens
- API
- Authentication
- Break Points
- Callbacks
- Contexts
- Data Driven Content
- Filters
- Globally Excluded URLs
- HTTP Sessions
- Man-in-the-middle Proxy
- Modes
- Notes
- Passive Scan
- Scan Policies
- Scope
- Session Management
- Spider
- Statistics
- Structural Modifiers
- Structural Parameters
- Tags
- Users
- Scanner Rules
- A Simple Penetration Test
-
The User Interface
- Overview
- The Top Level Menu
- The Top Level Toolbar
- The Tabs
-
The Dialogs
- Active Scan
- Add Alert
- Add Break Point
- Add Note
- Encode/Decode/Hash
- Filter
- Find
- History Filter
- Manual Request Editor
- Manage Add-ons
- Manage Tags
-
Options
- Active Scan
- Active Scan Input Vectors
- Alerts
- Anti CSRF Tokens
- API
- Breakpoints
- Callback Address
- Certificate
- Check for Updates
- Connection
- Database
- Display
- Dynamic SSL Certificates
- Extensions
- Global Exclude URL
- HTTP Sessions
- JVM
- Keyboard
- Language
- Local Proxies
- Passive Scan Rules
- Passive Scan Tags
- Passive Scanner
- Rule Configuration
- Scripts
- Search
- Spider
- Statistics
- Persist Session
- Resend
- Scan Policy Manager
- Scan Progress
- Session
- Spider
- The Footer
- Command Line
- Add Ons
- Releases
- Paros Proxy
- Credits