Modes
The ZAP UI has a 'mode' which can be:
Safe - no potentially dangerous operations permitted
Protected - you can only perform (potentially) dangerous actions on URLs in the
Scope
Standard - as in previous releases, you can do anything
It is recommended that you use the Protected mode to ensure that you only attack sites that you mean to.
The mode can be changed via the
toolbar
and is persisted between sessions.
It does not apply to the API.
Examples of the things that will not be possible in either Safe mode or in Protected mode when not acting on URLs in the Scope:
Spidering
Active Scanning
Générateur de bruit
Force Browsing
Breaking (intercepting)
Resending requests
Voir aussi
Aperçu de l'interface utilisateur
pour un aperçu de l'interface utilisateur
Fonctionnalités
fournies par ZAP