Please can you explain the part where we have 301 status codes during the active scan where it saying moved permanently. What does that do on the website? I'm worried if it actually goes in and move the files and contents of the sites messing up everything.
After you enter the credential s around the 7-minute mark I don't have any HTTP Sessions available after opening my site. What would be the cause of this?
When scanning with ZAP you are logging in as admin and then trying to get vulnerability. How is that possible in real life scenario. Like this scanner is suppose to simulate your self as attacker, normally attackers don't have the admin username and password and if you have that there is nothing to test. Or am I wrong
thank you for this!
Please can you explain the part where we have 301 status codes during the active scan where it saying moved permanently. What does that do on the website? I'm worried if it actually goes in and move the files and contents of the sites messing up everything.
After you enter the credential s around the 7-minute mark I don't have any HTTP Sessions available after opening my site. What would be the cause of this?
thank you
When scanning with ZAP you are logging in as admin and then trying to get vulnerability. How is that possible in real life scenario. Like this scanner is suppose to simulate your self as attacker, normally attackers don't have the admin username and password and if you have that there is nothing to test. Or am I wrong
bro this stuff is all fake and unrealistic
Because we are doing thing ethically not malicious
bro lets say you build your own site wont you want to test it. so this tool works for both attackers and for defense.