Sites tab
The Sites tab shows all of the URLs visited in a tree structure.
You can select any of the nodes in the tree to display the request and response for that URL
in the relevant tabs.
Right click menu
Right clicking on a node will bring up a menu which will allow you to:
Атака
The Attack menu has the following submenus:
Active Scan Site
This will initiate an
active scan of the whole of the site containing the selected node.
The Active Scan tab will be display and will show the progress of the scan.
Active Scan Node
This will initiate an
active scan of just the node selected.
The Active Scan tab will be display and will show the progress of the scan.
Spider Site
This will initiate a
spider scan of the whole of the site containing the selected node.
The Spider tab will be displayed and will show the progress of the scan.
Обойти поддерево пауком
This will initiate a spider scan with all the nodes in the subtree
of the selected node contained in the Seed list.
The Spider tab will be displayed and will show the progress of the scan.
Обойти URL пауком
This will initiate a
spider scan starting (in the seed list) only with the selected node.
The Spider tab will be displayed and will show the progress of the scan.
Spider all in Scope
This will initiate a spider scan starting (in the seed list) with all
the nodes the user has selected as being "In Scope".
The Spider tab will be displayed and will show the progress of the scan.
Include in Context
This menu allows you to include the selected nodes and all of their subordinates in the specified
context.
You also have the option to create a new context.
The Session Contexts dialog will be displayed to
allow you to make any additional changes.
Исключить из контекста
This menu allows you to exclude the selected nodes and all of their subordinates from the specified
context.
The Session Contexts dialog will be displayed to
allow you to make any additional changes.
Flag as context
This menu has the following submenus for each of the
contexts you have defined:
Login request
This identifies the specified node as a login request.
You may only have one node identified as such in any one context.
The Session Contexts dialog will be displayed to
allow you to make any additional changes.
Logout request
This identifies the specified node as a logout request.
You may only have one node identified as such in any one context.
The Session Contexts dialog will be displayed to
allow you to make any additional changes.
Исключить из
This menu has the following submenus:
Прокси-сервер
This will exclude the selected nodes from the proxy. They will still be proxied via ZAP but will not be shown
in any of the tabs.
This can be used to ignore URLs that you know are not relevant to the system you are currently testing.
The nodes can be included again via the Свойства сессии dialog
Сканер
This will prevent the selected nodes from being actively scanned.
The nodes can be included again via the Свойства сессии dialog
Паук
This will prevent the selected nodes from being spidered.
The nodes can be included again via the Свойства сессии dialog
Удалить
This will remove the node and all of its children from ZAP.
However they can be added back in, to prevent this use the 'Exclude from' menus.
Прерывание...
This will bring up a new window which will allow you to set a
break point on that URL.
The break point is defined via a regular expression. If you visit a URL which matches this
expression then ZAP will intercept it and allow you to change either the request and/or the
response.
Оповещения для этого узла
If the URL selected has alerts associated with it then
they will be listed under this menu.
Selecting one of the alerts will cause it to be displayed.
Переслать...
This will bring up the
Resend dialog which allows you to
resend the request after making any changes to it that you want to.
Новое оповещение...
This will bring up the
Add Alert dialog which allows you to manually record a new
alert against this request.
Показать во вкладке Истории
This will show the selected node in the History tab.
Открыть URL в браузере
This will open the URL of the selected node in your default browser.
Generate anti CSRF test form
This will open a URL which will give you a generated form for testing for CSRF issues.
It will only be enabled for POST requests, if the API is enabled and if Java supports the opening of URLs
in a browser on your platform.
Обновить дерево сайтов
Occasionally the Sites tree can be displayed incorrectly - this option will redraw it.
See also