h4cker/web_application_testing/README.md

# Web Application Testing References


## Vulnerable Servers
There are a series of vulnerable web applications that you can use to practice your skills in a safe environment. You can get more information about them in the [vulnerable_servers directory in this repository](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers).

## A Few Popular Tools
The following are a few popular tools that you learned in the video courses part of these series:
* [Burp Suite](https://portswigger.net/burp)
* [OWASP Zed Attack Proxy (ZAP)](https://github.com/zaproxy/zaproxy)
* [sqlmap](http://sqlmap.org/)
* [Paros Proxy](http://sectools.org/tool/paros/)
* [httrack](https://www.httrack.com/)
* [skipfish](https://code.google.com/archive/p/skipfish/)

## How to Integrate OWASP ZAP with Jenkins
You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin).

[This video](https://www.youtube.com/watch?v=mmHZLSffCUg) provides an overview of how to integrate  

## Popular Commercial Tools
* [Qualys Web Scanning](https://www.qualys.com/apps/web-app-scanning/)
* [IBM Security AppScan](https://www.ibm.com/security/application-security/appscan)

## TONS of #AWESOME Web Security Resources
* https://github.com/qazbnm456/awesome-web-security
adding web application testing references Adding how to integrate ZAP with Jenkins and automate web application testing assessments 2018-03-26 23:42:40 +00:00			`# Web Application Testing References`


			`## Vulnerable Servers`
			`There are a series of vulnerable web applications that you can use to practice your skills in a safe environment. You can get more information about them in the [vulnerable_servers directory in this repository](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers).`

			`## A Few Popular Tools`
			`The following are a few popular tools that you learned in the video courses part of these series:`
			`* [Burp Suite](https://portswigger.net/burp)`
			`* [OWASP Zed Attack Proxy (ZAP)](https://github.com/zaproxy/zaproxy)`
			`* [sqlmap](http://sqlmap.org/)`
			`* [Paros Proxy](http://sectools.org/tool/paros/)`
			`* [httrack](https://www.httrack.com/)`
			`* [skipfish](https://code.google.com/archive/p/skipfish/)`

			`## How to Integrate OWASP ZAP with Jenkins`
			`You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin).`

			`[This video](https://www.youtube.com/watch?v=mmHZLSffCUg) provides an overview of how to integrate`
adding references to additional tools 2018-03-27 00:03:34 +00:00
			`## Popular Commercial Tools`
			`* [Qualys Web Scanning](https://www.qualys.com/apps/web-app-scanning/)`
			`* [IBM Security AppScan](https://www.ibm.com/security/application-security/appscan)`
Update README.md 2018-04-06 20:53:37 +00:00
			`## TONS of #AWESOME Web Security Resources`
			`* https://github.com/qazbnm456/awesome-web-security`