This Python script is designed for automated security testing and vulnerability exploitation on web applications. It integrates with OWASP ZAP (Zed Attack Proxy) for vulnerability scanning and includes functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.
Before using this script, ensure you have the following:
- Python 3.x installed
- Required Python libraries (ZAPv2, requests)
- OWASP ZAP proxy running (configured according to your needs)
- API key for ZAP API authentication
-
Clone this repository to your local machine.
-
target_url = "http://example.com" Replace with your target URL