Fuzzer tab

The Fuzzer tab shows you the requests and responses performed when you fuzz a string.
Selecting a row see the full requests and responses. You can also search for strings in the fuzz results using the Search tab.

HTTP Fuzzer results

The results have to be manually assessed to know if any vulnerability was found.
Meaning of values of the "State" column:

Right click menu

Right clicking on a row will bring up a menu which will allow you to:

Excluir de

This menu has the following submenus:

Proxy

This will exclude the selected nodes from the proxy. They will still be proxied via ZAP but will not be shown in any of the tabs.
This can be used to ignore URLs that you know are not relevant to the system you are currently testing.
The nodes can be included again via the Propriedades da Sessão dialog

Scanner

This will prevent the selected nodes from being actively scanned.
The nodes can be included again via the Propriedades da Sessão dialog

Spider

This will prevent the selected nodes from being spidered.
The nodes can be included again via the Propriedades da Sessão dialog

Reenviar...

This will bring up the Resend dialog which allows you to resend the request after making any changes to it that you want to.

Novo Alerta...

This will bring up the Add Alert dialog which allows you to manually record a new alert against this request.

Ver no Navegador

This will open the URL of the selected node in your default browser.

See also

     UI Overviewfor an overview of the user interface
     Options Fuzz screenfor details of the fuzz configuration