Sites tab
The Sites tab shows all of the URLs visited in a tree structure.
You can select any of the nodes in the tree to display the request and response for that URL
in the relevant tabs.
Right click menu
Right clicking on a node will bring up a menu which will allow you to:
Attack
The Attack menu has the following submenus:
Active Scan Site
This will initiate an
active scan of the whole of the site containing the selected node.
The Active Scan tab will be display and will show the progress of the scan.
Active Scan Node
This will initiate an
active scan of just the node selected.
The Active Scan tab will be display and will show the progress of the scan.
Spider Site
This will initiate a
spider of the whole of the site containing the selected node.
The Spider tab will be display and will show the progress of the scan.
Brute Force Site
This will initiate a
brute force of the whole of the site containing the selected node.
The Brute Force tab will be display and will show the progress of the scan.
Port Scan host
This will initiate a
port scan of the host for the selected node.
The Port Scan tab will be display and will show the progress of the scan.
Exclude from
This menu has the following submenus:
Proxy
This will exclude the selected nodes from the proxy. They will still be proxied via ZAP but will not be shown
in any of the tabs.
This can be used to ignore URLs that you know are not relevant to the system you are currently testing.
The nodes can be included again via the Session Properties dialog
Scanner
This will prevent the selected nodes from being actively scanned.
The nodes can be included again via the Session Properties dialog
Spider
This will prevent the selected nodes from being spidered.
The nodes can be included again via the Session Properties dialog
Run application
This menu allows you to invoke applications that you
have configured via the Options Applications screen which
is also accessible via the 'Configure applications...' submenu.
Delete
This will remove the node and all of its children from ZAP.
However they can be added back in, to prevent this use the 'Exclude from' menus.
Break...
This will bring up a new window which will allow you to set a
break point on that URL.
The break point is defined via a regular expression. If you visit a URL which matches this
expression then ZAP will intercept it and allow you to change either the request and/or the
response.
Resend...
This will bring up the
Resend dialog which allows you to
resend the request after making any changes to it that you want to.
New Alert...
This will bring up the
Add Alert dialog which allows you to manually record a new
alert against this request.
Show in History tab
This will show the selected node in the History tab.
Open URL in Browser
This will open the URL of the selected node in your default browser.
Refresh Sites tree
Occasionally the Sites tree can be displayed incorrectly - this option will redraw it.
See also