[Owasp-std] Security regression testing using ZAP

mark curphey mark at curphey.com
Mon Sep 19 11:26:07 EDT 2011


Awesome.  Dog has been eating my homework (also known as releasing Win8) for months but hopefully behind me now….

I have been working on a reference arch doc which I will have to review (hopefully by Thursday). I wonder if we should set aside a few hours at AppSec USA and do a workshop so we can get this properly kicked off ?


On Sep 19, 2011, at 6:15 AM, psiinon wrote:

> Hi folks,
> 
> I've created a POC showing how you can convert existing regression tests (in this case using Selenium) into security tests by proxying them through ZAP.
> The POC and all related tools are open source - see here for more details: http://code.google.com/p/bodgeit/wiki/RegTests
> This is at a very early stage, but I think it shows what can be achieved with minimal investment in time and no financial cost.
> I'll be covering this and more in my AppSec USA talk: http://www.appsecusa.org/talks.html#zap
> Hope to see some of you on this list there - please introduce yourselves to me :)
> 
> Cheers,
> 
> Simon
> _______________________________________________
> Owasp-std mailing list
> Owasp-std at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-std

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-std/attachments/20110919/1e48880e/attachment.html 


More information about the Owasp-std mailing list