On the second day of workshop we installed the ZAP software and taught them about the User Interface of ZAP software. After Installing ZAP we have taken a session about generating a Dynamic SSL certificate and installing on Firefox browser. This SSL certificate is installed on browser for testing the websites using the browser plugin tool as a manual testing of vulnerabilities.
Later Sumanth explained them about the modes of ZAP tool which are used for finding out the vulnerabilities i.e Safe mode, Protected Mode, Standard Mode and Attack Mode.
with a demo on using the ZAP in standard mode and attacking on a test site and showed them the vulnerabilities like XSS Cross Site scripting and other vulnerabilities.
and also explained about many features of ZAP tool like Intercepting, Fuzzing, Spiders and scanners.
In day two we covered many important concepts like :