Academic literature on the topic 'OWASP ZAP'

Journal articles on the topic "OWASP ZAP"

1

Putra Pura, Calvin Bernandra, Try Yudha Maulana, Aldi Februri, and Tamsir Ariyadi. "Analisis Celah Keamanan Website Menggunakan Tools OWASP ZAP Di Kali Linux." JUSTER : Jurnal Sains dan Terapan 4, no. 1 (2025): 46–51. https://doi.org/10.57218/juster.v4i1.1341.

Abstract:
As internet use for a wide range of activities grows, website security has become a very important issue. Auditing and testing for security vulnerabilities is one way to ensure a website is secure. The OWASP Zed Attack Proxy (ZAP) tool, an open-source tool used to identify attacks, is used in this study. OWASP ZAP was run on Kali Linux to identify potential web security problems. This study aims to analyze security vulnerabilities in a website using the OWASP Zed Attack Proxy (ZAP) tool in a Kali Linux environment. OWASP ZAP is one of the open-source tools widely used to identify vulnerabilities in web applications. The study uses an experimental approach, employing OWASP ZAP to scan the target website. The process covers identifying security vulnerabilities, analyzing risk, and giving mitigation recommendations for the vulnerabilities found. The results show several vulnerabilities, such as Cross-Site Scripting (XSS) attacks, SQL Injection, and security misconfigurations, which can be fixed to improve the website's security.
2

Wenny, Rizca, and Fandi Yulian Pamuji. "Perbandingan Evaluasi Kerentanan Menggunakan Tenable Nessus Scanner dan Owasp Zed Attack Proxy untuk Meningkatkan Keamanan Sistem Informasi Kepegawaian di Universitas Merdeka Malang." Jurnal Ilmiah Universitas Batanghari Jambi 24, no. 3 (2024): 2451. http://dx.doi.org/10.33087/jiubj.v24i3.5488.

Abstract:
This study aims to compare the vulnerability analysis between Tenable Nessus Scanner and OWASP Zed Attack Proxy (ZAP) for improving the security of the Human Resource Information System (HRIS) website at Universitas Merdeka Malang. The research methodology includes the use of both Nessus and OWASP ZAP tools to scan the HRIS website for potential vulnerabilities. The findings of this research indicate that OWASP ZAP identified several critical web application vulnerabilities such as the absence of Anti-CSRF tokens, lack of Content Security Policy (CSP) headers, and missing Anti-Clickjacking headers, which are essential for maintaining the security and integrity of user data. On the other hand, Nessus Scanner focused more on network and server infrastructure vulnerabilities. The results suggest that OWASP ZAP is more effective for web application security in this context. Recommendations are provided to address the identified vulnerabilities and enhance the overall security of the HRIS website.
3

Singh, Yuvraj. "WebSec : Exploring and Modulating Vulnerabilities." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 04 (2024): 1–5. http://dx.doi.org/10.55041/ijsrem30620.

Abstract:
This research investigates the performance of the OWASP Zed Attack Proxy (OWASP ZAP) and Paros open-source vulnerability scanners on the Damn Vulnerable Web Application (DVWA). By evaluating their capability to identify vulnerabilities, along with assessing their user-friendliness and features, the study highlights each scanner's strengths and weaknesses. The insights aim to assist developers and security professionals in selecting the most effective tools for improving the security posture of web applications. Keywords—Web Application Security, Vulnerability Scanners, OWASP ZAP, Paros, Damn Vulnerable Web Application (DVWA), Open Source Tools, Cybersecurity, Penetration Testing.
4

Putra, Fauzan Prasetyo Eka, Ubaidi Ubaidi, Amir Hamzah, Walid Agel Pramadi, and Alief Nuraini. "Systematic Literature Review: Security Gap Detection On Websites Using Owasp Zap." Brilliance: Research of Artificial Intelligence 4, no. 1 (2024): 348–55. http://dx.doi.org/10.47709/brilliance.v4i1.4227.

Abstract:
This research highlights the detection of security vulnerabilities on websites using OWASP ZAP, a highly regarded open-source web security testing tool. Through a comprehensive literature review approach and systematic research methodology, this research emphasizes the urgency of addressing the ever-evolving security threats in web systems. Web security is a crucial aspect of information technology as more and more sensitive data is transmitted through web applications. OWASP ZAP, recognized for its reliability in identifying various security holes, was used to evaluate its effectiveness and efficiency in detecting vulnerabilities in web applications. This tool assists developers and security researchers in finding and fixing weaknesses that could be exploited by attackers. The results of the study show that OWASP ZAP is not only effective in identifying vulnerabilities such as SQL Injection, XSS (Cross-Site Scripting), and misconfiguration but also provides practical solutions to strengthen overall web security. Additionally, this research identifies several challenges faced when using OWASP ZAP and offers recommendations to address these issues. This study makes a significant contribution towards a better understanding of web security and offers recommendations for the implementation of better security testing tools in web development environments. Consequently, this research encourages the adoption of more proactive and systematic security practices in web application development.
5

Muhammad Amirul Mu'min, Yana Safitri, Galih Pramuja Inngam Fanani, Setiawan Ardi Wijaya, and Novi Tristanti. "Security Analysis of XYZ Website Using OWASP Zap Tools." Journix: Journal of Informatics and Computing 1, no. 1 (2025): 10–20. https://doi.org/10.63866/journix.v1i1.1.

Abstract:
In the growing digital era, website security is a critical aspect that must be considered. Vulnerabilities such as Cross-Site Scripting (XSS), Clickjacking, and Man-in-the-Middle can pose serious risks to data integrity and security. Therefore, effective tools are needed to identify and evaluate such vulnerabilities to prevent costly exploitation. This research aims to analyze security vulnerabilities on the website using OWASP ZAP (Zed Attack Proxy) as a penetration testing tool, and provide mitigation recommendations to improve system security. The method used is penetration testing by utilizing OWASP ZAP to identify security vulnerabilities on the website. The research stages include testing, analyzing the results, and preparing mitigation recommendations based on the findings of vulnerabilities such as A01, A03, and A04. The results showed that OWASP ZAP successfully identified various vulnerabilities, including XSS, Clickjacking, and Man-in-the-Middle. Recommended mitigation measures include configuring security headers and protecting sensitive data to prevent exploitation. OWASP ZAP proved to be effective in detecting and evaluating security vulnerabilities on websites. In addition, the tool also raises awareness of the importance of strong security policies. With the implementation of mitigation recommendations, website owners can better protect sensitive data, maintain user trust, and stay safe in an increasingly complex digital environment.
6

Aryadi, Tamsir, Andini Putri Salsabila, and Yoga Pratama Nugroho. "Implementasi Secure Code Pada Pengembangan Sistem Keamanan Website Teknik Komputer Universitas Bina Darma Menggunakan Penetration Testing dan OWASP ZAP." JUSTER : Jurnal Sains dan Terapan 4, no. 1 (2025): 27–30. https://doi.org/10.57218/juster.v4i1.1321.

Abstract:
Website security is a very important aspect of protecting data and information from cyber threats. This study aims to implement secure code in the development of the security system for the Computer Engineering website of Universitas Bina Darma. The methods used include penetration testing and the use of OWASP ZAP (Zed Attack Proxy) to identify and fix potential vulnerabilities in the program code. The study began with a security analysis using OWASP ZAP to detect weaknesses such as SQL injection, cross-site scripting (XSS), and other attacks. Based on these findings, secure coding principles such as input validation, parameterized queries, and data encryption were applied. The results show that applying secure code can significantly reduce potential vulnerabilities in the tested website. By integrating penetration testing and OWASP ZAP into the development process, the website's security system becomes more reliable in the face of cyber threats. This study is expected to serve as a reference for improving web application security in higher education environments.
7

Riyan Farismana and Dian Pramadhana. "Perbandingan Vulnerability Assesment Menggunakan Owasp Zap dan Acunetix Pada Sistem Informasi Repositori Politeknik Negeri Indramayu." Jurnal Teknik Informatika dan Teknologi Informasi 3, no. 2 (2023): 26–32. http://dx.doi.org/10.55606/jutiti.v3i2.2853.

Abstract:
The security of web-based systems is an important thing that an organization needs to pay attention to, considering that currently all organizational business processes rely on the web to store and process their data. POLINDRA is also not left behind, which uses web technology to store and process a list of student work repositories into a web-based information system. This requires simultaneous testing and risk assessment to determine the level of existing risks and vulnerabilities. The results of the vulnerability assessment to determine security gaps carried out in the scientific work repository information system on the sista.polindra.ac.id page using two different tools, namely Owasp Zap and Acunetix, have several different results. On Owasp Zap, there were 22 warnings, while Acunetix found 499 warnings. Even though the number of alerts using Acunetix is greater, the alert type results are not as complete as Owasp Zap, which produces 22 alerts, while Acunetix only produces 10 alerts.
8

Yuzar, Arnefia, and Alam Rahmatulloh. "PERBANDINGAN EFEKTIVITAS OWASP ZAP, ACUNETIX, NIKTO MENGGUNAKAN VULNERABILITY SCANNING UNTUK DETEKSI KERENTANAN APLIKASI WEB." JATI (Jurnal Mahasiswa Teknik Informatika) 9, no. 2 (2025): 2975–82. https://doi.org/10.36040/jati.v9i2.13227.

Abstract:
Web application security has become an important issue: as the use of web-based applications increases, the risk of attacks on the sensitive data they manage also increases. Vulnerability scanning is an effective method for identifying and assessing web application vulnerabilities. This study aims to compare the effectiveness of three vulnerability scanning tools: OWASP ZAP, Acunetix, and Nikto. The results were analyzed by number and type of vulnerabilities, scan time, and the speed and efficiency of the tools. The results show Acunetix to be the most comprehensive tool, detecting a total of 20 vulnerabilities, including ones such as Cross-Site Scripting (XSS), with high and medium risk accounting for 75%. OWASP ZAP detected 13 vulnerabilities, such as Content Security Policy (CSP). Nikto detected 5 vulnerabilities, such as the absence of the X-XSS-Protection and Expect-CT headers. Combining the three tools gives more thorough security coverage: OWASP ZAP detects basic weaknesses, Acunetix identifies advanced vulnerabilities, and Nikto verifies server configuration. Tool recommendations are drawn up from the analysis so that they can serve as a proactive step in improving web application security against cyber threats.
9

Umar, Rusydi, Imam Riadi, and Sonny Abriantoro Wicaksono. "APPLICATION OF OWASP ZAP FRAMEWORK FOR SECURITY ANALYSIS OF LMS USING PENTEST METHOD." JITK (Jurnal Ilmu Pengetahuan dan Teknologi Komputer) 10, no. 2 (2024): 224–30. http://dx.doi.org/10.33480/jitk.v10i2.5534.

Abstract:
Learning Management System (LMS) is an application currently popular for online learning. The presence of LMS offers better prospects for the world of education, where its highly efficient use allows learning anywhere and anytime through the internet or other computer media. This study focuses on analyzing the security of the Learning Management System (LMS) on the domain e-learning.ibm.ac.id using the Pentest method with the Owasp Zap Framework. Security is a crucial step that needs to be considered by IBM Bekasi in protecting data and information from hacker threats. In this study, the method used is Pentest. Pentest is a series of methods used to test the security of a system by conducting literature studies, searching for data information, and domain information, followed by testing using Owasp Zap to find security-related vulnerabilities. The results of the testing using the Pentest method involve several stages of testing and scanning. The first step is checking domain information using Whois Lookup tools and then scanning using ZenMap on e-learning.ibm.ac.id. In this domain information search, the domain status serverTransferProhibited and clientTransferProhibited was found. The next stage is Vulnerability Analysis, where scanning is performed on the domain e-learning.ibm.ac.id using Owasp Zap tools. Based on the results from Owasp Zap scan, 16 vulnerabilities were found, with the breakdown being 2 high risk, 3 medium risk, 6 low risk, and 5 informational. In the exploitation stage using SQLMap, errors were found in the tested parameters, preventing injection.
10

Rahman, Aulia, Indra Indra, Nuralamsah Zulkarnaim, Muhammad Mukhram, and Agung Rizaldi. "ANALISIS IMPLEMENTASI NUCKLEI VULNERABILITY DAN OWASP-ZAP SCANNER UNTUK DETEKSI KERENTANAN KEAMANAN (SECURE SYSTEM) PADA PLATFORM WEB BASED." Jurnal Komputer Terapan 11, no. 1 (2025): 10–15. https://doi.org/10.35143/jkt.v11i1.6430.

Abstract:
Web-based platform security is an important aspect that developers must consider. However, numerous developers still exhibit insufficient attention to enhancing the security level of their websites, thereby increasing the likelihood of these platforms becoming targets of cyber attacks. To address this challenge, the utilization of tools such as Nuclei Vulnerability Scanner and Owasp Zap presents an effective solution for the rapid detection of potential vulnerabilities in web-based platforms. This research involved testing a locally developed dummy web application, with scanning processes conducted using the Nuclei Vulnerability Scanner and Owasp Zap tools. The findings reveal that Nuclei Vulnerability Scanner proves effective in identifying vulnerabilities at the network layer, particularly in relation to SSL/TLS protocols and proxy configurations. In contrast, Owasp Zap is more focused on detecting vulnerabilities within the web application layer, especially concerning security header configurations that may be exploited through browser-based attacks such as XSS and clickjacking. Mitigation of the identified vulnerabilities resulted in a substantial reduction in their severity, with a 90% decrease in Nuclei and an 80% reduction in Owasp Zap. Both tools demonstrated high accuracy and efficient scanning times, establishing them as effective solutions for enhancing security across both network and application layers. This study recommends the integration of these tools into a comprehensive cyber security strategy to safeguard system integrity and availability while addressing the continuously evolving threat landscape, in alignment with the layered security principle advocated in contemporary literature.

Dissertations / Theses on the topic "OWASP ZAP"

1

Holovová, Simona. "Aplikace na podporu testování bezpečnosti webových aplikací." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2020. http://www.nusl.cz/ntk/nusl-433173.

Abstract:
This master's thesis is about the security of web applications and penetration testing. The main goal is to gain knowledge about testing methodologies OWASP Testing Guide and ASVS and to implement this knowledge into a web application to assist during manual penetration testing. The theoretical part of the thesis describes both methodologies and web technologies used during the development of the application. The practical part of the thesis is about the design of the application based on the specification, its implementation, and security hardening.
2

Fransén, Johan, and Adnan Sorlija. "Hacka dig själv och upptäck attacker." Thesis, Malmö universitet, Fakulteten för teknik och samhälle (TS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20852.

Abstract:
This thesis is based on the idea of hacking your own system before an outside hacker does it to find the system vulnerabilities. This is done with an automated hacking tool that performs penetration tests against the created website. The database technology that is used is the event database Event Store that stores every event that takes place against the website. The task of Event Store in this case is to discover the different penetration tests and to store the events and to give indications to the administrator that the website was under attack. The study is primarily aimed at finding out whether Event Store is advisable to implement with a website where different penetration testing shall be made, and what the advantages and disadvantages are to using Event Store. Results show that Event Store can be used to identify anomalies against a website during attacks. Intrusions against the website can with great probability be proven with the help of the developed system with Event Store.
3

Matti, Erik. "Evaluation of open source web vulnerability scanners and their techniques used to find SQL injection and cross-site scripting vulnerabilities." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-177606.

Abstract:
Both for its simplicity and efficiency to search for the most critical security vulnerabilities that could exist within a web application, a web vulnerability scanner is a popular tool among any company that develops a web application. With the existence of many different scanners that are available to use, one is unlikely the same as the other and the results attained when evaluating these scanners in relation to each other are often not the same. In this thesis, three different open source web vulnerability scanners are evaluated and analysed based on their ability to find SQL injection and cross-site scripting vulnerabilities. The scanners were used on several open source deliberately broken web applications that acted as benchmarks. The benchmarks that caused much diversity in the results from the scanners were further investigated. When analysing the scanners based on the results, both the actual results were analysed on what caused the diversity but most of all the source code of the scanners was explored and investigated. It could be found that the techniques used by the scanners were essentially similar but contained several minor differences that caused the diversity in the results. Most differences were dependent on the variation of the predefined payloads injected by the scanners, but it could also be found that the approaches used to determine if a vulnerability was detected or not could vary as well. The finalised result concluded in a report that reveals and demonstrates the different approaches that any web vulnerability scanner could use and the limitations of them.
4

Izagirre, Mikel. "Deception strategies for web application security: application-layer approaches and a testing platform." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-64419.

Abstract:
The popularity of the internet has made the use of web applications ubiquitous and essential to the daily lives of people, businesses and governments. Web servers and web applications are commonly used to handle tasks and data that can be critical and highly valuable, making them a very attractive target for attackers and a vector for successful attacks that are aimed at the application layer. Existing misuse and anomaly-based detection and prevention techniques fail to cope with the volume and sophistication of new attacks that are continuously appearing, which suggests that there is a need to provide new additional layers of protection. This work aims to design a new layer of defense based on deception that is employed in the context of web application-layer traffic with the purpose of detecting and preventing attacks. The proposed design is composed of five deception strategies: Deceptive Comments, Deceptive Request Parameters, Deceptive Session Cookies, Deceptive Status Codes and Deceptive JavaScript. The strategies were implemented as a software artifact and their performance evaluated in a testing environment using a custom test script, the OWASP ZAP penetration testing tool and two vulnerable web applications. Deceptive Parameter strategy obtained the best security performance results, followed by Deceptive Comments and Deceptive Status Codes. Deceptive Cookies and Deceptive JavaScript got the poorest security performance results since OWASP ZAP was unable to detect and use deceptive elements generated by these strategies. Operational performance results showed that the deception artifact could successfully be implemented and integrated with existing web applications without changing their source code and adding a low operational overhead.
5

Chen, Li-Ju, and 陳麗如. "Implementing Security Testing as a Service with OWASP ZAP." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/m48h3s.

Abstract:
Master's, National Central University, Department of Information Management (in-service master's program), 106.
As people rely more and more on the web to get information and acquire services, the importance of web security can no longer be overstated. In the meantime, the web system is usually getting updated more often than traditional application systems. Therefore, it is more critical for web security testing to consider building a more flexible and efficient testing system in order to ensure the web security while being able to handle frequent updating cycles. One big advantage of cloud computing is to provide "anything as a service", meaning the extensive variety of services and applications for people to access on demand and to "pay as you go". This thesis aims to utilize the OS level virtualization technology provided by Docker and the powerful passive/active security scanning features provided by OWASP ZAP, the web security testing application, to implement the Security Testing as a Service (STaaS). This STaaS system is not only quick to deploy, but also easy to maintain, and it's even more efficient in resource utilization. In the future, STaaS can also be integrated with test automation, or CI/CD system to further embed security testing as a part of continuous development and deployment.

Book chapters on the topic "OWASP ZAP"

1

Arta, Yudhi, Anggi Hanafiah, Nesi Syafitri, Panji Rachmat Setiawan, and Yudhistira Hadi Gustianda. "Vulnerability Analysis and Effectiveness of OWASP ZAP and Arachni on Web Security Systems." In Proceedings of 3rd International Conference on Smart Computing and Cyber Security. Springer Nature Singapore, 2024. http://dx.doi.org/10.1007/978-981-97-0573-3_41.

2

Balantič, Zvone, Sofija Đoković, and Branka Jarc Kovačič. "Sinergijski učinki ocenjevalnih metod OWAS in KIM pri celoviti ergonomski analizi." In Vloga naprednih tehnologij v inženiringu poslovnih sistemov. Univerza v Mariboru, Univerzitetna založba, 2025. https://doi.org/10.18690/um.fov.1.2025.4.

Abstract:
The study was carried out in the Laboratory for Engineering of Business and Production Systems (LIPPS), where we analyzed workers' body postures on a simulated assembly line. The OWAS (OVAKO Working Postures Analysing System) and KIM (Key Indicator Method) methods were used to identify critical body postures in the work process. The main aim of the research was to explore the possible synergy between these two methods and to improve understanding of ergonomic factors in the work environment. The findings showed that integrating the two methods enabled more precise identification of critical body positions and the adaptation of work procedures and equipment to individual workers. The results for the studied work procedure highlighted that work on the assembly line is associated with moderate fatigue according to the OWAS method, while the KIM method showed substantially increased risks of physical strain in manual work. The results underline the importance of carrying out both analyses for an objective assessment of working conditions and for improving worker productivity, which in the long term can have a positive effect on employees' health and satisfaction and on the company's performance.

Conference papers on the topic "OWASP ZAP"

1

Irzan, Achmad Muhaimin, and Endang Sulistiyani. "Owasp Zap vs Arachni: Which One is Better in Vulnerability Assesment?" In 2024 Ninth International Conference on Informatics and Computing (ICIC). IEEE, 2024. https://doi.org/10.1109/icic64337.2024.10956935.

2

Kasmawi, Nurmi Hidayasari, and Mansur. "Vulnerability analysis using OWASP ZAP on higher education websites." In THE 4TH INTERNATIONAL CONFERENCE ON APPLIED ENGINEERING (ICAE 2021). AIP Publishing, 2023. http://dx.doi.org/10.1063/5.0153145.

3

Quincozes, Silvio E., Leonardo Frangello Franzese, Juliano F. Kazienko, and Vagner E. Quincozes. "Análise de Vulnerabilidades da Plataforma Moodle com base no Top 10 da OWASP." In Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais. Sociedade Brasileira de Computação - SBC, 2024. http://dx.doi.org/10.5753/sbseg.2024.241645.

Abstract:
Moodle is a web platform that holds academic and personal information of more than 316 million users. In a scenario where growing numbers of cyberattacks are being recorded, the question arises: is the Moodle platform secure? To investigate the answer to this question, this work presents a case study based on the main vulnerabilities reported in the 2021 OWASP Top 10 list. The results obtained with the OWASP Zed Attack Proxy (ZAP) tool revealed 894 alerts of potential vulnerabilities that could potentially be exploited.
4

Alazmi, Suliman, and Daniel Conte de Leon. "Customizing OWASP ZAP: A Proven Method for Detecting SQL Injection Vulnerabilities." In 2023 IEEE 9th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). IEEE, 2023. http://dx.doi.org/10.1109/bigdatasecurity-hpsc-ids58521.2023.00028.

5

Nurbojatmiko, Ari Lathifah, Faaza Bil Amri, and Ani Rosidah. "Security Vulnerability Analysis of the Sharia Crowdfunding Website Using OWASP-ZAP." In 2022 10th International Conference on Cyber and IT Service Management (CITSM). IEEE, 2022. http://dx.doi.org/10.1109/citsm56380.2022.9935837.

6

Rosa, Ricardo, Diego Kreutz, Marcelino Garcia, Santiago Pereira, and Rodrigo Mansilha. "Análise empírica e comparativa de ferramentas de varredura de vulnerabilidades em aplicações Web usando OWASP BWA e Juice Shop." In Escola Regional de Redes de Computadores. Sociedade Brasileira de Computação - SBC, 2024. https://doi.org/10.5753/errc.2024.4689.

Abstract:
In this paper, we carry out an empirical and comparative analysis of the vulnerability scanning tools GoLismero, Nikto, Nuclei, OpenVAS, SecretScanner, Wapiti and ZAP, using the well-known applications OWASP Broken Web Applications (BWA) and Juice Shop as test environments. Our objective was to assess the effectiveness and breadth of coverage of the vulnerabilities detected by each tool. The results indicate that combining multiple tools is essential to achieve broader and more efficient coverage, providing greater protection against vulnerabilities and cyber threats.
7

Fadilah, Muhammad Darmawan, and Siti Rochimah. "Security Evaluation of Insurance Portal Agency Information System Based on ISO/IEC 25010 Quality Standard Utilizing OWASP ZAP." In 2023 3rd International Conference on Intelligent Cybernetics Technology & Applications (ICICyTA). IEEE, 2023. http://dx.doi.org/10.1109/icicyta60173.2023.10428701.

8

Arromdoni, Bad'ul Hilmi, Mandahadi Kusuma, and Bambang Sugiantoro. "Web Application Vulnerability Analysis Using the OWASP Method (Case Study: OJS CSFD UIN Sunan Kalijaga Yogyakarta)." In The 6th International Conference on Science and Engineering. Trans Tech Publications Ltd, 2024. http://dx.doi.org/10.4028/p-fosz2d.

Abstract:
The Cyber Security and Digital Forensics (CSFD) Open Journal System (OJS) website owned by the information technology center and database (PTIPD) Islamic University Negeri Sunan Kalijaga Yogyakarta is a software content management system (CMS) application that is intended as a media and means of research publications from academic research. Web-based applications that are not properly monitored will have the impact of being attacked by attackers. Vulnerability gaps that have been found by irresponsible attackers will have a very bad impact on the performance of the website application. From the summary of the results of the vulnerability scan, the researcher did not find high status vulnerability gaps using Acunetix tools, the researcher only found 18 vulnerability gaps at the medium risk level, 8 vulnerability gaps at low level and 10 informational vulnerability loopholes. As a comparison, the researchers conducted another scan using the OWASP-ZAP (Zed Attack Proxy) tool and found 17 vulnerabilities with details: 1 with high status, 4 with medium status, 8 with low status and 4 with informational status. The research is based on the OWASP Top-10 method as a measure and parameter in testing using penetration testing. Researchers got 1 test result with successful status, namely Using Components with Known Vulnerabilities. Then the researcher found 1 type of vulnerability with possibility status, namely Sensitive Data Exposure with finding data that was not sensitive and 8 vulnerabilities that were not discovered, including: 1. Broken Authentication, 2. Cross-Site Scripting, 3. Security Misconfiguration, 4. Insufficient Logging and Monitoring, 5. Broken Access Control, 6. SQL Injection, 7. XML External Entities, 8. Insecure Deserialization.
9

Gabor, Milan. "OWASP za vse, ne samo za razvijalce." In OTS 2023 Sodobne informacijske tehnologije in storitve. Univerza v Mariboru, Univerzitetna založba, 2023. http://dx.doi.org/10.18690/um.feri.8.2023.12.

Abstract:
OWASP (Open Web Worldwide Application Security Project) is an international non-profit organization dedicated to improving software security. The project is designed as an open-source community that gives companies, developers and individuals access to security resources and tools. The best-known OWASP project is the "TOP 10" list, which identifies the most common web security threats. OWASP also offers many other resources, such as guides for developing secure code, penetration testing tools, and educational resources for raising security awareness. The benefits of using OWASP are many. First, OWASP encourages the development of more secure software by educating developers about best practices and common mistakes. Second, OWASP tools let companies test their software for possible security holes, which reduces the risk of attacks. Third, because OWASP is open source, organizations can adapt OWASP resources to their specific needs. In this article we highlight the new vulnerabilities on the OWASP TOP 10 list and review the other projects that can be useful both to developers and to other stakeholders in the software development cycle. We also present our statistics on discovered flaws and place emphasis on fixing these errors. Finally, we give practical advice for even more secure software development.