Security/Mentorships/MWoS/2014/OWASP ZAP Scripted Add-ons
Hailing from New Delhi,India; this team of four girls believes in the 3Ps of success. Patience,Passion and Perseverance.
- Sarah Khan
- Sultana Mumtaz
- Farheen Nilofer
- Sarah Masud
- Professor: Dr. Tanvir Ahmad
- Mozilla Advisor: Simon Bennetts
ZAP supports all JSR223 scripting languages, but only for a limited number of purposes. This development would allow 'full add ons ' to be written in any JSR223 languages.
- Team presentation
- Project introduction: OWASP ZAP: Scripted Add-ons
- Set deadline: 18/1/2015
- Schedule meetings:26/08/2014
- Plan for the next week:
- current work
Brushing up java skills Trying to work and understand script add on already present in ZAP
- blocking points
- discussion points
- upcoming work
Compile and run a simple add on which would form the base of ZAP add on extension. Study the area of source code implementing script add on. Run Bodge It and test various kinds of vulnerabilities through ZAP.
- Now, our main aim is to make permanent the changes which we bring through writing scripts on script console. For that we would try to gain access to an object of ExtensionHook and try to make changes though that object
AddOnLoader and ExtensionHook so that the menu item added need not be again and again entered through scripting .
- We are working on summarizing the needed classes.