Modes
The ZAP UI has a 'mode' which can be:
- Safe - no potentially dangerous operations permitted
- Protected - you can only perform (potentially) dangerous actions on URLs in the Scope
- Standard - as in previous releases, you can do anything
It is recommended that you use the Protected mode to ensure that you only attack sites that you mean to.
The mode can be changed via the toolbar and is persisted between sessions.
It does not apply to the API.
Examples of the things that will not be possible in either Safe mode or in Protected mode when not acting on URLs in the Scope:
- Spidering
- Active Scanning
- Fuzzing
- Force Browsing
- Breaking (intercepting)
- Resending requests