Fuzzer对话框
这允许您选择要使用的fuzzers 模糊化 一个请求。
模糊位置选项卡
配置模糊:
- 在模糊位置选项卡中突出显示您想要模糊的字符串
- 单击"添加..."按钮以启动有效负载对话框
- 添加您想使用的有效负载
- 单击"处理器..."按钮以启动位置处理器对话框(如果需要)
- 点击"启动Fuzzer"按钮开始模糊
- 结果将在Fuzzer选项卡中列出,选择它们以查看完整的请求和响应。
You can also search for strings in the fuzz results using the 'Search' tab.
Click on the 'Edit' button to edit the message you have selected for fuzzing.
Note that this will remove all of the fuzz locations that you have defined.
You will need to 'Save' the message before you can define new fuzz locations.
Options tab
This tab allows you to configure the options to be used when fuzzing. See the main options help for more details.
Follow Redirects
Indicates whether or not the Fuzzer should follow redirect responses (only visible for HTTP messages).
Message Processors tab
Message Processors can access and change the messages being fuzzed, control the fuzzing process, and interact with the ZAP UI.
The message processors available depend on the type of message being fuzzed, this add-on includes the default HTTP Messages processors.
Add-ons can also define additional payload generators.
Accessed via
| | Request tab | 'Fuzz...' right click menu item |
| | Sites and History tab | Attack > Fuzz... menu items |
| | Tools menu | Attack > Fuzz... menu item |
See also