Thank you so much Naveen🎉,i was trying to do the poc in my org,this video was a saviour for me , you have been phenomenal in helping the QA professionals accross globe ,keep going 👏
Thanks to sharing this video. We recently implemented owsap zap plugin in our automation framework. It assisted us a lot of catching cross site scripting and sql injection issues.
@@sunjitkumar7082 it is integrated in my organization project so it is not possible to share.. But i have separate demo for selenium and OWSAP, I will add a repo in git hub and will share with you in 1 or 2 days.
We appreciate your efforts on sharing this session, there are many things which you have missed and should part of this demo like spidering, passive and active scanning. You should have choose some live example which describe about capturing Xss, sql injection issues and how to replicate them manually in appliancation. There could be more discussion around handling login owsap token in zap plugin as most of application use token based login to secure application. Trust me developer wil entertain you only if you are reporting cross site scripting, sql injection issues in application ,those issues you have shown in report are common and does not have serious threat to the application.
As I mentioned this is just a demo with selenium integration. I have not explained about various features of zap and security testing, which is out fo scope for this video. In one single video, can’t cover complete security scenarios.
Hi @ranaindiavlogs9943 , Is there any other tutorial you would like to suggest for the detailed explanation? Also, do you know any github project which can be referred. Thanks
Hi Naveen...thank you for providing the video its really well explained...one suggestion...we are not supposed to use public websites without Authorization where you can scan the website.....either use your own app or something which is running in local
This is really amazing! Thanks alot Naveen. Can you please tell me what are the other security tests we can automate to be an industry standard automation project? Thanks again..
Hi Naveen- thanks for this tutorial. Do we need to keep the ZAP app open when running our testNG test? if so, can u please explain the reason. Thanks in advance.
@naveen Sir Same code i was practicing able to see below error Report is not generated could you please let me know the cause. org.zaproxy.clientapi.core.ClientApiException: Does Not Exist
naveen Sir Same code i was practicing able to see below error Report is not generated could you please let me know the cause. org.zaproxy.clientapi.core.ClientApiException: Does Not Exist
Thank you so much Naveen🎉,i was trying to do the poc in my org,this video was a saviour for me , you have been phenomenal in helping the QA professionals accross globe ,keep going 👏
GREAT WORK DONE. It was extremely helpful. Thank you very much sir.
Thanks Naveen for posting. Very Informative tutorial on OWASP ZAP
Thanks for your excellent presentation 👍👍👍 this is really helpful❤️❤️❤️
Thanks to sharing this video. We recently implemented owsap zap plugin in our automation framework. It assisted us a lot of catching cross site scripting and sql injection issues.
Hi Rana, did u implemented it on every page
@@sunjitkumar7082 yes, of course, we have integrated owsap zap with regression. Each release with regression, security test also runs.
Is it possible for you to share the repo? We want to implement it in our automation framework
@@sunjitkumar7082 it is integrated in my organization project so it is not possible to share.. But i have separate demo for selenium and OWSAP, I will add a repo in git hub and will share with you in 1 or 2 days.
@@vrana_fitness could you kindly update the link .
Thank you Naveen for sharing such a good knowledge...really appreciated..thank you so much.
Thank you sir i am seriously searching security testing and you helped me a lot
Much waited one.....
Thanku so so much 😊
We appreciate your efforts on sharing this session, there are many things which you have missed and should part of this demo like spidering, passive and active scanning. You should have choose some live example which describe about capturing Xss, sql injection issues and how to replicate them manually in appliancation. There could be more discussion around handling login owsap token in zap plugin as most of application use token based login to secure application. Trust me developer wil entertain you only if you are reporting cross site scripting, sql injection issues in application ,those issues you have shown in report are common and does not have serious threat to the application.
As I mentioned this is just a demo with selenium integration. I have not explained about various features of zap and security testing, which is out fo scope for this video. In one single video, can’t cover complete security scenarios.
@@naveenautomationlabs That's fine, no problem. Respect for your all contributions to testing community. Keep going. 🙏🙏
Hi @ranaindiavlogs9943 , Is there any other tutorial you would like to suggest for the detailed explanation? Also, do you know any github project which can be referred. Thanks
@@neegee6252 sure I will check and confirm you , allow me some time please
Wonderful content. Thank you Naveen sir😊😊
Hi, do you have any videos showing how to create a maven project ? I'm having some difficulties on how to add the dependency from 2:32. Thank you
Hi Naveen...thank you for providing the video its really well explained...one suggestion...we are not supposed to use public websites without Authorization where you can scan the website.....either use your own app or something which is running in local
This is really amazing! Thanks alot Naveen. Can you please tell me what are the other security tests we can automate to be an industry standard automation project? Thanks again..
I really appreciate your efforts and time on sharing this session with us. However, you have not share the session on your github space. Many thanks.
@naveen sir please can you add more videos related to security testing with selenium like how we do SQL injection etc
very great video
Thanks naveen for the video
Have a query not related to this topic
Can we automate elements inside embed tag??
Does it navigates to all the sub pages or only scanning the index page?
Hi Naveen...I am getting session not created This version of chromedriver only supports chrome version ...what needs to do to resolve this
@naveeen :Can you suggest any security tool for desktop app
Hi Naveen- thanks for this tutorial. Do we need to keep the ZAP app open when running our testNG test? if so, can u please explain the reason. Thanks in advance.
@Naveen sir,Can you please make a video on how we can change the request or response with zap with the help of selenium
Use active scan with api.ascan method
Hi naveen, I could not perform any action on the element when integrated with zap. Getting element not found exception.. Can you please help?
Disable HUD functionality from ZAP software
Hi Naveen, bro why we are creating proxy class instance here??
Hi Naveen, thanks for the video.Can we do the same using Selenium with C#.
what type of test cases we can test as part of security??
Please make security testing videos on API also.
Hi Naveen Sir. I am not able to do same with firefox browser. Can you please guide me
Is it good to add security testing skill with selenium Java
can i get the code of the video?
@naveen Sir Same code i was practicing able to see below error Report is not generated could you please let me know the cause.
org.zaproxy.clientapi.core.ClientApiException: Does Not Exist
Same problem
Change the report type to traditional-html-plus
@@chrispaquette5078 Thank you so much,I had spent 2 days to find the solution 😂even chatgpt didn't help
naveen Sir Same code i was practicing able to see below error Report is not generated could you please let me know the cause.
org.zaproxy.clientapi.core.ClientApiException: Does Not Exist
@balwanbiradar547 - even i am facing same issue ,did you get the solution ? can you please respond