Simple play icon Course

Writing Custom Scripts for OWASP Zed Attack Proxy

by Marudhamaran Gunasekaran

Do you want to automate your web security activities? Learn to write custom scripts with OWASP ZAP to detect and guard against application specific vulnerabilities while building security into the software.

What you'll learn

Software delivery is becoming faster than ever and security is always trying to catch up with DevOps. Automated tools have proven to aid with rapid identification of security bugs, but it gets challenging when automated assessments aren't customized to an application's context. In this course, Writing Custom Scripts for OWASP Zed Attack Proxy, you will gain the ability to extend your dynamic application security assessments through the power of custom scripts. First, you will learn the various extension points in OWASP ZAP through the supported scripting types and scripting languages. Next, you will discover how to tackle some of the everyday challenges from effectively communicating security bugs to scripting complicated authentications for automated vulnerability assessments. Finally, you will explore how to identify common vulnerabilities specific to your application's context and guarding against those vulnerabilities coming up again. When you are finished with this course, you will have the skills and knowledge of writing custom security scripts needed to incorporate essential DevSecOps activities.

Table of contents

Course Overview

About the author

Marudhamaran Gunasekaran is a Security Consultant and a DevSecOps Lead with DevOn, part of The Waada, Prowareness Group. He plays various roles at work including but not limited to a Security Coach, Trainer, Agile coach, and Compliance Manager. Maran takes joy in staying abreast with the security advancements, contributing to open source community with most recent contributions to OWASP projects, evangelizing security among DevOps professionals as an Ambassador for the DevOps Institute. Some of ... more

Ready to upskill? Get started