How to perform the security testing using selenium?

1
votes

I already develop a Selenium code to perform the web application testing. But i need to perform the security testing for the same application. So Please suggest me how to perform the security testing with selenium code .

Please help to integrate the selenium with ZAP.

1
securityseleniumtestingzap
Selenium can not be used for Security testing. You would need to look for some other tools which can perform security testing.Anish Pillai
Hi @Anish pillai we can connect the Selenium with ZAP. ZAP will do the security testing and Selenium will perform the functional testing. But i need to know how to achieve that.Ramesh Bala
Hi Ramesh, Sorry I have no idea about ZAP. So won't be able to give any info on it.Anish Pillai
Isnt ZAP a proxy? Have you tried using desiredcapabilities or chromeoptions to setup the proxy settings for the browser?Grasshopper
@Grasshopper I am not tried any thing on that. will you help me to do that.Ramesh Bala

1 Answers

4
votes

Proxy your Selenium tests through ZAP and then use ZAP to test your app. Exploring apps effectively is always a challenge for automated scanners, but a good set of Selenium tests are a great way to teach a scanner like ZAP about how your app works. You can either not bother using the ZAP Spiders or just use them to catch areas of you app that dont have enough tests. By proxying your tests via ZAP you will automatically get passive scanning, and once they have finnished you can use active scanning to run the more agressive attacks. ZAP has a very powerful API so can be completely automated for this sort of testing.