Skip to content

HelpAddonsFuzzDialogue

Jump to bottom
thc202 edited this page Jun 24, 2015 · 4 revisions

Fuzzer dialog

This allows you to select the fuzzers to use when fuzzing a request.

Fuzz Locations tab

To configure the fuzzing:

  • Highlight a string you wish to fuzz in the Fuzz Locations tab
  • Click the 'Add...' button to launch the Payloads dialog
  • Add the payloads you want to use
  • Click on the 'Processors...' button to launch the Location Processors dialog (if required)
  • Click on the 'Start Fuzzer' button to start the fuzzing
  • The results will then be listed in the Fuzzer tab select them to see the full requests and responses.

You can also search for strings in the fuzz results using the 'Search tab'.

Options tab

This tab allows you to configure the options to be used when fuzzing.

Message Processors tab

Message Processors can access and change the fuzzing requests and responses, control the fuzzing process and interact with the ZAP UI.

The following types of message processors are provided by default:

  • Payload Reflection Detector
  • Request Content-Length Updater
  • User message processor

You can write custom HTTP Message Processor scripts, which allow you to

  • Obtain the list of payloads
  • Stop fuzzing
  • Increase the error count
  • Send new messages
  • Add messages to the Results tab[link]
  • Set custom ‘state’ messages in the Fuzzer tab
  • Raise alerts

Add-ons can also define additional payload generators.

Accessed via

     Request tab 'Fuzz...' right click menu item
     Sites and History tab Attack > Fuzz... menu items
     Tools menu Attack > Fuzz... menu item

See also

     Fuzzer concepts
Clone this wiki locally