1. InfoconDB
  2. OWASP
  3. AppSec USA 2013
  4. Project Summit: ZAP Hackathon Session

Project Summit: ZAP Hackathon Session

Presented at AppSec USA 2013, Nov. 21, 2013, 9 a.m. (240 minutes)

This session is a chance for people to learn how to work on ZAP from the ZAP Project Leader. ZAP is a community project, and as such participation is actively encouraged. Simon will explain the numerous ways in which individuals and companies can contribute to ZAP. He will also explain how the code is structured and explain how any part of the project can be changed. Working on ZAP is a great way to learn more about web application security. Being able to change the code means that you can add and change any features you want, either just for you own benefit or to contribute back to the community. There will be time set aside for hacking ZAP, with Simon on hand to answer any questions and give any guidance required. This is a great opportunity to be part of the fastest growing and most active OWASP project. During this session, Simon will: Explain how people can contribute to ZAP. Demonstrate how to set up a ZAP development environment. Explain ZAP code structure.  Show people how to code scripts, active/passive scan rules, add-ons, core changes and improve the docs and localization. Let people hack the ZAP code and docs with full support and guidance. Please note that if you want to work on ZAP source code (including add-ons) then you should set up a ZAP development environment prior to attending this session. You will need to download and install Eclipse and import the main ZAP project as well as the ZAP extension projects - for more details see http://code.google.com/p/zaproxy/wiki/Building You will not need to set up a development environment if you just plan to work on scripts, documentation or translation.

Presenters:

  • Simon Bennetts - Security - Mozilla
    Simon Bennetts has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them. He is the OWASP Zed Attack Proxy Project Leader and works for Mozilla as part of the Cloud Security Team.

Links:

Similar Presentations: