-
-
Notifications
You must be signed in to change notification settings - Fork 135
HelpUiDialogsOptionsLocalproxy
The Options Connection screen allows you to configure the address and port on which ZAP accepts incoming connections. It is this address and port that you must configure your browser to use as a proxy.
Indicates that the Local Proxy (ZAP) is behind NAT. When selected ZAP will attempt to determine the public IP address, to properly detect and handle requests with the public IP address (for example, to be served by the ZAP API).
Note: This option is only supported when ZAP is running in an AWS EC2 instance. ZAP will obtain the public IP address from AWS EC2 instance's metadata. ZAP should be started with this option enabled if access to the API, through the public IP address, is required:
zap.sh -daemon -port 8080 -host 0.0.0.0 -config proxy.behindnat=true
Also, the API needs to be configured to accept external IP addresses (i.e. the IP address from where ZAP is being accessed).
Allows the proxy to remove unsupported encodings from the "Accept-Encoding" request-header field, so no (unsupported) encoding transformations are done to the response. This option should be always enabled unless when testing the encoding transformations. The messages encoded with unsupported encodings will not be correctly scanned (either by passive and active scanners).
Allows to choose the SSL/TLS versions enabled for incoming connections (for example, from browsers). At least one version must be enabled, versions unsupported by the JRE will be unselected and disabled.
UI Overview | for an overview of the user interface | |
Options dialogs | for details of the other Options dialog screens |
-
ZAP User Guide
- Introduction
-
Getting Started
- Configuring proxies
-
Features
- Active Scan
- Add-ons
- Alerts
- Anti CSRF Tokens
- API
- Authentication
- Break Points
- Callbacks
- Contexts
- Data Driven Content
- Filters
- Globally Excluded URLs
- HTTP Sessions
- Man-in-the-middle Proxy
- Modes
- Notes
- Passive Scan
- Scan Policies
- Scope
- Session Management
- Spider
- Statistics
- Structural Modifiers
- Structural Parameters
- Tags
- Users
- Scanner Rules
- A Simple Penetration Test
-
The User Interface
- Overview
- The Top Level Menu
- The Top Level Toolbar
- The Tabs
-
The Dialogs
- Active Scan
- Add Alert
- Add Break Point
- Add Note
- Encode/Decode/Hash
- Filter
- Find
- History Filter
- Manual Request Editor
- Manage Add-ons
- Manage Tags
-
Options
- Active Scan
- Active Scan Input Vectors
- Alerts
- Anti CSRF Tokens
- API
- Breakpoints
- Callback Address
- Certificate
- Check for Updates
- Connection
- Database
- Display
- Dynamic SSL Certificates
- Extensions
- Global Exclude URL
- HTTP Sessions
- JVM
- Keyboard
- Language
- Local Proxies
- Passive Scan Rules
- Passive Scan Tags
- Passive Scanner
- Rule Configuration
- Scripts
- Search
- Spider
- Statistics
- Persist Session
- Resend
- Scan Policy Manager
- Scan Progress
- Session
- Spider
- The Footer
- Command Line
- Add Ons
- Releases
- Paros Proxy
- Credits