/docs/desktop/start/ Recent content in Getting Started on ZAP Hugo en-us /docs/desktop/start/proxies/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/desktop/start/proxies/ <h1 id="configuring-proxies">Configuring Proxies</h1> <p>The best way to use a browser with ZAP is to launch it from ZAP. It will then be automatically configured to proxy through ZAP and to ignore certificate warnings.</p> <p>If for any reason you are unable or unwilling to do that then you will need to configure your browser to use ZAP as a proxy.</p> /docs/desktop/start/checks/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/desktop/start/checks/ <h1 id="scanner-rules">Scanner Rules</h1> <p>ZAP supports both <a href="/docs/desktop/start/features/ascan/">active</a> and <a href="/docs/desktop/start/features/pscan/">passive</a> scanning rules.</p> <p>All rules are contained in <a href="/docs/desktop/start/features/addons/">add-ons</a> so that they can be updated quickly and easily.</p> <p>By default ZAP ships with just the &lsquo;Release&rsquo; status rules, but you can install &lsquo;Beta&rsquo; and &lsquo;Alpha&rsquo; status rules via the <a href="/docs/desktop/ui/dialogs/manageaddons/">Manage Add-ons dialog</a>.</p> <p><a href="/docs/desktop/start/features/scanpolicy/">Scan Policies</a> define which rules run and how they run.</p> /docs/desktop/start/pentest/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/desktop/start/pentest/ <h1 id="a-basic-penetration-test">A Basic Penetration Test</h1> <p>A basic penetration test is made up of the following steps:</p> <h3 id="explore">Explore <a class="header-link" href="#explore"><svg class="fill-current o-60 hover-accent-color-light" height="22px" viewBox="0 0 24 24" width="22px" xmlns="http://www.w3.org/2000/svg"><path d="M0 0h24v24H0z" fill="none"/><path d="M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z" fill="currentColor"/></svg></a></h3> <p>Use your browser to explore all of the functionality provided by the application.<br> Follow all links, press all buttons and fill in and submit all forms.<br> If the applications supports multiple roles then do this for each of the roles.<br> For each role save the ZAP session in a different file and start a new session before you start using the next role.</p>