VideoTutorials

Videos Tutorials

There have been many requests for video tutorials, and the only reason we havnt done any yet is due to a lack of time!

However they would be very useful and should increase ZAPs popularity.

Here is a list of videos we could/should produce. Please update this list if you have any more suggestions, or add a comment if you dont have permissions to edit the wiki.

It is suggested that the videos should be around 10 mins in length, although that is not a hard restriction.

And anyone can create them - if theres a feature you would like to create a video for then please get in touch.

And theres now a 'standard' title slide here

Title	Owners	Status	Details
Overview	Simon	Completed	Security regression testing using ZAP
Set up	Matthew Fuller	Completed	An updated version of [this one]
Automated testing	Simon	Completed	Security regression testing using ZAP
AppSec Tutorial	Jerry, Simon	In progress	Overview of ZAP - part of the OWASP AppSec Tutorial Series :)
OWASP Top Ten	Bob Sullivan	In progress	How to test for the OWASP Top Ten with ZAP (may well be multiple videos)
Promo	Simon	Proposed	Something similar to the one done for [AppSensor]
Smartcards	TBA	Proposed	How to use ZAP with smartcards
API	TBA	Proposed	How to use the ZAP REST API
CSRF Handling	TBA	Proposed	How to handle CSRF tokens
Fuzzing	TBA	Proposed	How to fuzz parameters
Extensions	TBA	Proposed	How to extend ZAP
ZAP Testing Basics	Björn	Proposed	Why and how to write proper Tests for ZAP? What must be tested? How can TDD help write better software? Where do which kinds of tests go in zaproxy-test? How much code coverage does ZAP need?
Advanced ZAP Testing	Björn	Proposed	How to write scenario tests using BDD style? How can a Matcher framework improve test readability? How can we get rid of class dependencies with Mocking?

Could also show how to use ZAP to find SANS Top X and/or PCI 6.5/6.6 issues (thanks to David for those suggestions).

Any thoughts?