OWASP ZAP

From this post, we are going to see the steps for the installation of OWASP ZAP (Zed Attack Proxy) (latest version 2.90) in the Windows machine.

Step 1:

Kindly download the OWASP ZAP exe file from the link download link based on the architecture(either 32 bit or 64 bit) of the machine(Here I have downloaded the Windows (64) Installer).

owasp zap download
Fig 1.1: OWASP ZAP download page

Step 2: 

Kindly execute the downloaded executable file by double-clicking on the same. (Here we need the administrator rights to install).

OWASP ZAP
Fig 1.2: OWASP ZAP application

Step 3:

The Welcome screen of the setup wizard will appear. Kindly click “Next”.

OWASP ZAP Welcome Screen
Fig 1.3: Welcome Screen

Step 4:

The License Agreement screen of the setup wizard will appear. Kindly select the option “I accept the agreement” and click “Next”.

OWASP ZAP Licence Agreement
Fig 1.4: Licence Agreement Screen

Step 5:

The Select Installation Type screen of the setup wizard will appear. Kindly select the option “Standard Installation” ( This option would be helpful for the beginners/newbies) and click “Next”.

OWASP ZAP Installation Type
Fig 1.5: Installation Type Screen

Step 6:

The Ready to Install screen of the setup wizard will appear. Here we can review our settings. Click “Install” to proceed further.

OWASP ZAP Ready to Install
Fig 1.6: Ready to Install Screen

Step 7:

The installation will start and it will take some time based on the speed of the machine.

OWASP ZAP Installation Screen
Fig 1.7: Installation Screen

Step 8:

Finally, the completion screen of the setup wizard will appear. Kindly click “Finish” to complete the installation.

OWASP ZAP Completion Screen
Fig 1.8: Installation Completion Screen

Step 9:

Kindly open the application by searching for ZAP in the Search bar and click the app “ZAP 2.9.0”.

Step 10:

After clicking the app, Windows Security Alert will appear to enable the ZAP app at the firewall level. Kindly select the option based on the network requirement and click “Allow Access”.

Windows Security Alert
Fig 1.9: Windows Security Alert

Step 11:

The App will start after the loading process.

Optional step: By default, OWASP ZAP will use port number 8080. If that port is being used by some other app, it will ask to provide an alternate port number. Kindly enter the port number and click “Yes”.

OWASP ZAP Port Changing Screen
Fig 1.10: Port Changing Screen

Step 12:

Finally, the home screen of OWASP ZAP will appear like as mentioned below:

OWASP ZAP Home Screen
Fig 1.11: Home Screen

As the next step, we can use the app to do the DAST (Dynamic Application Security Testing) on any of the web applications.

Share and Enjoy !

0Shares
0 0 0

Leave a Reply

Your email address will not be published. Required fields are marked *