Forum Discussion
Bronze IIIntroduction to OWASP ZAP
So, your mistake is that you assume the "/checkout" page is the draft checkout page you are looking for but its not
In order to find the correct page, you are expected to perform a ZAP spider attack. Authentication configurations should be there because only then ZAP will be able to fully crawl the website. After that if you look at the resources ZAP finds carefully, the correct URL should be there
Regarding configuring the ZAP for this Briefing section should guide you
Bronze IIThank you, I managed to find what I needed but just by inspecting the source code of the basket, TBH I was expecting to ZAP find the target url itself by checking the Parse HTML comments in the advanced option of the spider.. but that wasn't the case.
So Lab finished but still having the feeling that it was not because ZAP was correctly configured😅
Community ManagerPedroCollado there are often multiple ways to complete a lab, I'm glad to see you found one!
If you found AtakanBal's reply useful, please don't forget to mark it as a Solution ✅
Marking a reply as a solution helps other community members to find answers to questions that they may also have. It also confirms to your fellow community members that their reply was helpful! You can accept more than one reply as a solution.
