Fuzzer tab

The Fuzzer tab shows you the requests and responses performed when you fuzz a string.
Selecting a row see the full requests and responses. You can also search for strings in the fuzz results using the Search tab.

HTTP Fuzzer results

The results have to be manually assessed to know if any vulnerability was found.
Meaning of values of the "State" column:

Right click menu

Right clicking on a row will bring up a menu which will allow you to:

Исключить из

This menu has the following submenus:

Прокси-сервер

This will exclude the selected nodes from the proxy. They will still be proxied via ZAP but will not be shown in any of the tabs.
This can be used to ignore URLs that you know are not relevant to the system you are currently testing.
The nodes can be included again via the Свойства сессии dialog

Сканер

This will prevent the selected nodes from being actively scanned.
The nodes can be included again via the Свойства сессии dialog

Паук

This will prevent the selected nodes from being spidered.
The nodes can be included again via the Свойства сессии dialog

Переслать...

This will bring up the Resend dialog which allows you to resend the request after making any changes to it that you want to.

Новое оповещение...

This will bring up the Add Alert dialog which allows you to manually record a new alert against this request.

Открыть URL в браузере

This will open the URL of the selected node in your default browser.

See also

     UI Overviewfor an overview of the user interface
     Options Fuzz screenfor details of the fuzz configuration