Fuzzing is the process of feeding invalid or unexpected data to a target application.
We use fuzzing when we want to break the application or crash it
using unexpected inputs.
Fuzzing can be done manually or with a tool. In this blog we will learn how to perform fuzzing using the ZAP tool.
STEPS TO PERFORM FUZZING
Turn on the proxy in your browser.
Open the browser and hit the URL.
Enter a value in the field you want to fuzz and send the POST request to the server.
Now go to the ZAP tool and find the POST request that was sent (you can see it in the Request section of the tool).
Select the characters you entered on the page earlier, right-click them and select Fuzz from the displayed options.
When you click Fuzz, another window named Fuzzer opens. Click the Payloads button.
A window named Payloads opens. Click the Add button.
When you click Add, the Add Payload window opens. Click the drop-down and select the File Fuzzers option.
As soon as you select File Fuzzers, the available file options are displayed. Check Recursive Fuzzers, Replacive Fuzzers or Zero Fuzzers and click the Add button.
Clicking Add takes you back to the Payloads window. Click the OK button.
This takes you back to the Fuzzer window. Click the Start Fuzzer button to start fuzzing.
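To make the steps above concrete, here is a small added example (not from the original post and not ZAP's own code) of what the fuzzer does with the highlighted value: it substitutes each payload into the captured POST body, sends it, and records the status and response size so that deviations from the baseline stand out. The request body, the payload list and `toy_handler`, a stand-in for the application under test, are all constructed for illustration; URL-encoding each payload is an assumption of this sketch.

```python
from urllib.parse import parse_qs, quote_plus

# Constructed POST body as it would appear in ZAP's Request section.
# The value typed into the form field ("42") is the fuzz location.
CAPTURED_BODY = "username=alice&age=42"
FUZZ_START = CAPTURED_BODY.index("42")
FUZZ_END = FUZZ_START + len("42")

# Constructed payloads: unexpected but harmless values for a numeric field.
PAYLOADS = ["", "abc", "-1", "9" * 400, "4 2", "42"]


def toy_handler(body):
    """Hypothetical application under test: returns (status, response_text)."""
    try:
        fields = parse_qs(body, keep_blank_values=True)
        age = int(fields["age"][0])  # unvalidated conversion: the defect fuzzing exposes
        return 200, f"hello {fields['username'][0]}, age {age}"
    except Exception as exc:  # an unhandled error would surface as HTTP 500
        return 500, f"unhandled {type(exc).__name__}"


def fuzz(body, start, end, payloads, send):
    """Replace body[start:end] with each payload and record the outcome."""
    results = []
    for payload in payloads:
        # Encode the payload so the form body stays well-formed.
        mutated = body[:start] + quote_plus(payload) + body[end:]
        status, text = send(mutated)
        results.append({"payload": payload, "status": status, "size": len(text)})
    return results


def interesting(results, baseline_status=200):
    """Keep only the results whose status differs from the normal response."""
    return [r for r in results if r["status"] != baseline_status]


if __name__ == "__main__":
    for row in fuzz(CAPTURED_BODY, FUZZ_START, FUZZ_END, PAYLOADS, toy_handler):
        shown = row["payload"][:12]
        print(f"{shown!r:16} status={row['status']} size={row['size']}")
```

The rows that come back with a different status or an unusual size are the ones to investigate and fix with input validation, which is the same triage you do in ZAP's fuzzer results list.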