HelpUiTlmenuReport
This menu handles the reports.
This generates a new HTML report containing the alerts raised.
This generates a new XML report containing the alerts raised.
This allows you to save requests and responses to a text file. Select the messages to save in the History tab - use the shift key to select multiple messages.
This allows you to save a specific response to a file. Select the relevant message in the History tab - note that binary responses (such as images) can be saved as well as test responses.
This allows you to save all of the URLs accessed to a text or HTML file. The URLs will be preceded by the HTTP method used. This can be used, amongst other things, to compare the URLs available to users with different roles or permissions on the same system.
This prompts you for a ZAP session that you have previously saved. It then prompts you for an output file into which is written all of the URLs accessed by the current session and the session you have selected to compare it with. The file will contain a table listing the URLs and the HTTP responses for the URLs in the 2 sessions. JavaScript buttons allow you to display all of the URLs, just those accessed in the first session, the second session and those accessed by both sessions. This is particularly useful for comparing 2 sessions which access the same application using different users. You will be able to see which URLs are visible to the users and will be able to try to access all of the URLs when logged in as either of the users.
Note that add-ons can add additional menu items.
| The top level menu | ||
| UI Overview | for an overview of the user interface |
-
ZAP User Guide
- Introduction
-
Getting Started
- Configuring proxies
-
Features
- Active Scan
- Add-ons
- Alerts
- Anti CSRF Tokens
- API
- Authentication
- Break Points
- Callbacks
- Contexts
- Data Driven Content
- Filters
- Globally Excluded URLs
- HTTP Sessions
- Man-in-the-middle Proxy
- Modes
- Notes
- Passive Scan
- Scan Policies
- Scope
- Session Management
- Spider
- Statistics
- Structural Modifiers
- Structural Parameters
- Tags
- Users
- Scanner Rules
- A Simple Penetration Test
-
The User Interface
- Overview
- The Top Level Menu
- The Top Level Toolbar
- The Tabs
-
The Dialogs
- Active Scan
- Add Alert
- Add Break Point
- Add Note
- Encode/Decode/Hash
- Filter
- Find
- History Filter
- Manual Request Editor
- Manage Add-ons
- Manage Tags
-
Options
- Active Scan
- Active Scan Input Vectors
- Alerts
- Anti CSRF Tokens
- API
- Breakpoints
- Callback Address
- Certificate
- Check for Updates
- Connection
- Database
- Display
- Dynamic SSL Certificates
- Extensions
- Global Exclude URL
- HTTP Sessions
- JVM
- Keyboard
- Language
- Local Proxies
- Passive Scan Rules
- Passive Scan Tags
- Passive Scanner
- Rule Configuration
- Scripts
- Search
- Spider
- Statistics
- Persist Session
- Resend
- Scan Policy Manager
- Scan Progress
- Session
- Spider
- The Footer
- Command Line
- Add Ons
- Releases
- Paros Proxy
- Credits
