Fuzzer tab

The Fuzzer tab shows you the requests and responses performed when you fuzz a string.
Select a row to see the full request and response. You can also search for strings in the fuzz results using the Search tab.

HTTP Fuzzer results

The results have to be manually assessed to know if any vulnerability was found.
Meaning of values of the "State" column:

Right click menu

Right clicking on a row will bring up a menu which will allow you to:

Exclude from

This menu has the following submenus:

Proxy

This will exclude the selected nodes from the proxy. They will still be proxied via ZAP but will not be shown in any of the tabs.
This can be used to ignore URLs that you know are not relevant to the system you are currently testing.
The nodes can be included again via the Session Properties dialog.

Scanner

This will prevent the selected nodes from being actively scanned.
The nodes can be included again via the Session Properties dialog.

Spider

This will prevent the selected nodes from being spidered.
The nodes can be included again via the Session Properties dialog.

Resend...

This will bring up the Resend dialog, which allows you to resend the request after making any changes you want.

New Alert...

This will bring up the Add Alert dialog, which allows you to manually record a new alert against this request.

Open URL in Browser

This will open the URL of the selected node in your default browser.

See also

     UI Overview for an overview of the user interface
     Options Fuzz screen for details of the fuzz configuration