{"id":21728,"date":"2022-02-14T10:28:05","date_gmt":"2022-02-14T10:28:05","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=21728"},"modified":"2022-02-14T10:28:08","modified_gmt":"2022-02-14T10:28:08","slug":"fiddlezap","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/","title":{"rendered":"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP"},"content":{"rendered":"\n<p><strong>FiddleZAP<\/strong> is a simplified version of&nbsp;EKFiddle&nbsp;for OWASP ZAP.<\/p>\n\n\n\n<p>With ZAP as your web proxy, you are able to flag malicious traffic based on predefined regular expressions.<\/p>\n\n\n\n<p>Example: Alert, highlighting and tagging when a regex matches on a string within the HTML source code of a compromised website<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEhqhUGf2vwtOYPrZg7EiAyF2dfFKXmmwPJtsKHs_wpJv5sGs0jq5gPoEjX_vJnrTOGBaBe4fv1UcHGnfRitxNQFAapYq3MavMYhXu3oi5JV0HpG0HI3pDD7d_kSKuJewHwcXcRz4wjrRAer61RUuRtYsiCki1sxgQHgAdZfdgn0Kq0gBQ-jlAcWPRDg=s729\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-text-align-center has-black-color has-vivid-green-cyan-background-color has-text-color has-background\" id=\"installation\"><strong>Installation<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Download and install ZAP:&nbsp;https:\/\/www.zaproxy.org\/download\/<\/li><li>Download or clone the FiddleZAP directory into your Documents folder.<\/li><\/ul>\n\n\n\n<p>It should have the following structure:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEhbGoktTNKnKZrXzT3ymR5Y7-4lnEVjhCmPQe2npPPakPa6GLdnICMBrYir2jffdN1FQA6Lj2QMVNXCVYH-k3fgq9aZKnd79tyQCzBWL8MtSyeYJ0cyunkTwZwzfLjs-HsFv-tsZqh0JHDeGbYg7NlcBd_itraAkV0EXT3LsROiYNVYnq5LkvJ4StkR=s373\" alt=\"\" \/><\/figure>\n\n\n\n<p>There are 2 scripts (standalone, passive rules). The former is used to run manually on the currently loaded session (web traffic), the latter automatically runs while recording traffic.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\" id=\"stand-alone\"><a href=\"https:\/\/github.com\/malwareinfosec\/FiddleZAP#stand-alone\"><\/a><strong>Stand Alone<\/strong><\/p>\n\n\n\n<p>First, install the standalone script:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Click on the Load script icon:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEhvmdbcuVwLalpcQIzqwl4CFDKPkov9GZ2rDo1XDaZfNz8_dgBGUjf9S0B_HzSoc0t6DqsLrqsv5C_0Iqx6VBdHs9dBHwtvDwve1NB8BZ0l3SPYrF75u1MuzM3oq-tEDgZA8vu8zD98HYwSsVn8e1HGYmHjzLuwft59j5jnweRetSezko41g_NoSs9p=s564\" alt=\"\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Select the following parameters:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEhS4ZwT7ewFFB4Ms81MaIFFFUNEbLtMzQ9-MlicBmI61AAG0Pxo7J2rBH6SXe75ZjJCs8pBCkILM3sWbh2gMqxtv7Tsra6a8dZfBzY9g1XfJQOW3VXgeJCJRf-3r1Y_nilU73702zWMAnZyHtMWDUVCm4DYWzyYc7nwmPZhZBsw4F0kC342lcskMMVz=s477\" alt=\"\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>It now shows under standalone:<\/li><\/ul>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\" id=\"passive-rules\"><strong>Passive Rules<\/strong><\/p>\n\n\n\n<p>Next, install the passive rules script:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Click on the Load script icon:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgID2WLn22tz2cIhGKlhcNmqvVqryxtervuOrLbx5I_ZuFHyIcij9MFSr2Roh1GYJz3bkDeNQK2zHG3umlhjqmnnoDDaJ2jbyYGVoa89JxWV6q8gcfTjUH0eeo87nBQc-LUOIzzvSkS6dxo740Dy0udtNuRkWSrc7Hju24ptrMrNbx1E7Z3Ic1Gn20W=s267\" alt=\"\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Select the following parameters:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjdfGt4RLvPQr5zgp0Yxa5WefsgM9jRlSue_-cQmPr8DeFqX3an32QoYv9dBwspk9b7BmeKoUjrcDYkOTMgkP8btAyq8ASoHD4CIp24Jeyw00M8yn0Zz2RkZGiAZW4Zh6xWrLefzQzo0tmupHwRL0t7KWqlT41dxUnBlONfLLl9uwTQtQjv6ct4Lvj_=s506\" alt=\"\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>The FiddleZAP script should now show up under Passive Rules. If it is not enabled, right-click on it and select Enable script.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEhSXhlNwaoee98ps01e2VqnVcFnqUAyxXZ84l3VteuYZH1zsPq1l0PftepGcXSvoAXuQujqhJb6zVbwSqZjkQo4A6Ao2gvv_EgK1URKoS0gRiaFqcbI6zq7XvUxM1tGPUFeMd5YhzDwLqaJsfeLZlC9qtoRhW_tOcxIwf8FfHmQ9z2bRWzko9C1HHl5=s481\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\" id=\"features\"><strong>Features<\/strong><\/p>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\" id=\"regexes-rules-to-detect-malicious-traffic\"><a href=\"https:\/\/github.com\/malwareinfosec\/FiddleZAP#regexes-rules-to-detect-malicious-traffic\"><\/a><strong>Regexes (rules) to detect malicious traffic<\/strong><\/p>\n\n\n\n<p>Rules for FiddleZAP can look for URI patterns and source code patterns (session body).<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A&nbsp;<code><strong>community_rules.txt<\/strong><\/code>&nbsp;file is provided with some examples.<\/li><li>The&nbsp;<code><strong>user_rules.txt<\/strong><\/code>&nbsp;is your own rules file.<\/li><\/ul>\n\n\n\n<p>Rules are automatically loaded and used to scan incoming traffic (if Passive Rules script is enabled). If you want to run rules on previously captured traffic, you need to run the standalone script.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEho4qOOROI_dJf5QR3-vHSzBlFNOhh22tU17qhaQD4nGnmH2aX5Tcn6zR4tYsq53l-daxb-MueDV5AK5mcrNa4oxCAzmIemGbs8acpXHsDMLm5y5MGFdQskHbOXukUw6BPdGEh4P04KtHJHnBi8N1QRe_cuf7a1jl61AMNXgAoG65AFEscgPTOWMLNb=s351\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\" id=\"color-coding-and-tagging-of-matching-web-sessions\"><strong>Color coding and tagging of matching web sessions<\/strong><\/p>\n\n\n\n<p>(This feature requires the neonmarker add-on)<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEhTuGRsL00U5gVC5pBN8hlHLbzfr2ymrlsDo1lCRFEnuKiT4ubUdUhK5qKNyQvbsviciNgrIThtrpUs4z0TMNqNxwh5oEn1-wPnCmaR0IF_Lz6OxVOwpTo9ZISos1i-_U9OVYJ9RQr067ZZ28XJmA4eo0sRhGTKtbP4B0_ttPJw7fvYdHPIesw4QW1J=s509\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Detailed Alerts<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjx5mmznMw0diCgk70nZQpkgsmUKu628vP8v2TF1V0I1cVCtWbULNqZNNiQGbPniGm2bn3MQQyh0AHpV-Vzcaop9n_f2eBW8ZfwB6kEBGAD9Buht-lLYZg4Tt_dUQOcpGGw_NPXHHnuoRA15IwPyaBZBhHy5WrEPen-t34RwKixSdPHZ5_nVuKs9VgD=s477\" alt=\"\" \/><\/figure>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-16018d1d wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-vivid-cyan-blue-color has-text-color\" href=\"https:\/\/github.com\/malwareinfosec\/FiddleZAP\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>FiddleZAP is a simplified version of&nbsp;EKFiddle&nbsp;for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic based on predefined regular expressions. Example: Alert, highlighting and tagging when a regex matches on a string within the HTML source code of a compromised website Installation Download and install ZAP:&nbsp;https:\/\/www.zaproxy.org\/download\/ Download or clone [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":21758,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[1015,4674,4675],"class_list":["post-21728","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-ekfiddle","tag-fiddlezap","tag-owasp-zap"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP<\/title>\n<meta name=\"description\" content=\"FiddleZAP is a simplified version of\u00a0EKFiddle\u00a0for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP\" \/>\n<meta property=\"og:description\" content=\"FiddleZAP is a simplified version of\u00a0EKFiddle\u00a0for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-14T10:28:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-14T10:28:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP\",\"datePublished\":\"2022-02-14T10:28:05+00:00\",\"dateModified\":\"2022-02-14T10:28:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/\"},\"wordCount\":264,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639\",\"keywords\":[\"EKFiddle\",\"FiddleZAP\",\"OWASP ZAP\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/\",\"name\":\"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639\",\"datePublished\":\"2022-02-14T10:28:05+00:00\",\"dateModified\":\"2022-02-14T10:28:08+00:00\",\"description\":\"FiddleZAP is a simplified version of\u00a0EKFiddle\u00a0for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639\",\"width\":\"639\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP","description":"FiddleZAP is a simplified version of\u00a0EKFiddle\u00a0for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/","og_locale":"en_US","og_type":"article","og_title":"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP","og_description":"FiddleZAP is a simplified version of\u00a0EKFiddle\u00a0for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic.","og_url":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2022-02-14T10:28:05+00:00","article_modified_time":"2022-02-14T10:28:08+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP","datePublished":"2022-02-14T10:28:05+00:00","dateModified":"2022-02-14T10:28:08+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/"},"wordCount":264,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","keywords":["EKFiddle","FiddleZAP","OWASP ZAP"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/fiddlezap\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/","url":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/","name":"FiddleZAP : A Simplified Version Of EKFiddle For OWASP ZAP","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","datePublished":"2022-02-14T10:28:05+00:00","dateModified":"2022-02-14T10:28:08+00:00","description":"FiddleZAP is a simplified version of\u00a0EKFiddle\u00a0for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/fiddlezap\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/fiddlezap\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","width":"639","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEgea1DCZHeaciT8-4ObMXCQvNhcaJWz_INwxQ5L8zD06UockO_xJb8rpXpwLHksCh1U6ruOPOnkHyuDpGTQyjOrFipBv9j75FwJVtLI6wJ_0vw7kHhmAPmgV_zw1XNAcLrlwFLKpXS1Qr7KNX38RRvsMTFjT-qfWAz7EMHB5kYx2IJVb5PVNIjf-Hzo=s639","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":2619,"url":"https:\/\/kalilinuxtutorials.com\/vbscan-owasp-vbulletin-scanner\/","url_meta":{"origin":21728,"position":0},"title":"VBScan &#8211; OWASP Is A Black Box vBulletin Vulnerability Scanner","author":"R K","date":"September 15, 2018","format":false,"excerpt":"OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analysis them .\u00a0If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! VBScan Usage .\/vbscan.pl <target> .\/vbscan.pl http:\/\/target.com\/vbulletin Also ReadHUNT\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/09\/VBScan1.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":34795,"url":"https:\/\/kalilinuxtutorials.com\/owasp-noir\/","url_meta":{"origin":21728,"position":1},"title":"OWASP Noir &#8211; A Comprehensive Guide To Advanced Source Code Analysis And Security Testing","author":"Varshini","date":"September 11, 2024","format":false,"excerpt":"The cutting-edge tool designed to enhance security testing through deep source code analysis. OWASP Noir supports multiple programming languages and seamlessly integrates with popular offensive security tools. Whether you're analyzing APIs, integrating into DevOps, or conducting vulnerability assessments, OWASP Noir delivers precise and actionable insights to bolster your security framework.\u2026","rel":"","context":"In &quot;Pentesting Tools&quot;","block_context":{"text":"Pentesting Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/penetration-testing-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVepNF3arRHv11NJIzxftBLbIkmSZ6JXSXV5ZgH18ThTrqh5u7g17FjXej6HbZpl7fXUOWxgaEo5KZAP_1ex9otVU77dvC83j_-y6dsIKGb0kBLKN3xSXujxLxqw_l-SnVMzVEFjqrbXnV6AIb62Y_kKLiQLWm7A0QaP6e3V8vrQQbnhWoqi9Ga1We2Lhf\/s16000\/OWASP%20Noir.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVepNF3arRHv11NJIzxftBLbIkmSZ6JXSXV5ZgH18ThTrqh5u7g17FjXej6HbZpl7fXUOWxgaEo5KZAP_1ex9otVU77dvC83j_-y6dsIKGb0kBLKN3xSXujxLxqw_l-SnVMzVEFjqrbXnV6AIb62Y_kKLiQLWm7A0QaP6e3V8vrQQbnhWoqi9Ga1We2Lhf\/s16000\/OWASP%20Noir.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVepNF3arRHv11NJIzxftBLbIkmSZ6JXSXV5ZgH18ThTrqh5u7g17FjXej6HbZpl7fXUOWxgaEo5KZAP_1ex9otVU77dvC83j_-y6dsIKGb0kBLKN3xSXujxLxqw_l-SnVMzVEFjqrbXnV6AIb62Y_kKLiQLWm7A0QaP6e3V8vrQQbnhWoqi9Ga1We2Lhf\/s16000\/OWASP%20Noir.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVepNF3arRHv11NJIzxftBLbIkmSZ6JXSXV5ZgH18ThTrqh5u7g17FjXej6HbZpl7fXUOWxgaEo5KZAP_1ex9otVU77dvC83j_-y6dsIKGb0kBLKN3xSXujxLxqw_l-SnVMzVEFjqrbXnV6AIb62Y_kKLiQLWm7A0QaP6e3V8vrQQbnhWoqi9Ga1We2Lhf\/s16000\/OWASP%20Noir.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVepNF3arRHv11NJIzxftBLbIkmSZ6JXSXV5ZgH18ThTrqh5u7g17FjXej6HbZpl7fXUOWxgaEo5KZAP_1ex9otVU77dvC83j_-y6dsIKGb0kBLKN3xSXujxLxqw_l-SnVMzVEFjqrbXnV6AIb62Y_kKLiQLWm7A0QaP6e3V8vrQQbnhWoqi9Ga1We2Lhf\/s16000\/OWASP%20Noir.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVepNF3arRHv11NJIzxftBLbIkmSZ6JXSXV5ZgH18ThTrqh5u7g17FjXej6HbZpl7fXUOWxgaEo5KZAP_1ex9otVU77dvC83j_-y6dsIKGb0kBLKN3xSXujxLxqw_l-SnVMzVEFjqrbXnV6AIb62Y_kKLiQLWm7A0QaP6e3V8vrQQbnhWoqi9Ga1We2Lhf\/s16000\/OWASP%20Noir.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":2322,"url":"https:\/\/kalilinuxtutorials.com\/archery-scan-vulnerabilities\/","url_meta":{"origin":21728,"position":2},"title":"Archery &#8211; Open Source Vulnerability Assessment &#038; Management Helps Developers &#038; Pentesters To Perform Scans &#038; Manage Vulnerabilities","author":"R K","date":"August 21, 2018","format":false,"excerpt":"Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. It uses popular opensource tools to perform comprehensive scanning for web application and network. Archery Requirement Python 2.7 OpenVas 8, 9 OWASP ZAP 2.7.0 Selenium Python Firefox Web driver Start\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":2589,"url":"https:\/\/kalilinuxtutorials.com\/hunt-burp-suite\/","url_meta":{"origin":21728,"position":3},"title":"HUNT &#8211; Burp Suite Pro\/Free and OWASP ZAP Extensions","author":"R K","date":"September 13, 2018","format":false,"excerpt":"HUNT Suite is a collection of Burp Suite Pro\/Free and OWASP ZAP extensions. Identifies common parameters vulnerable to certain vulnerability classes (Burp Suite Pro and OWASP ZAP). Organize testing methodologies (Burp Suite Pro and Free). HUNT Parameter Scanner - Vulnerability Classes SQL Injection Local\/Remote File Inclusion & Path Traversal Server\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/09\/HUNT1.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/09\/HUNT1.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/09\/HUNT1.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/09\/HUNT1.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/09\/HUNT1.png?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":3734,"url":"https:\/\/kalilinuxtutorials.com\/adapt-automated-penetration-testing\/","url_meta":{"origin":21728,"position":4},"title":"Adapt : A Tool To Performs Automated Penetration Testing for WebApps","author":"R K","date":"January 30, 2019","format":false,"excerpt":"ADAPT is a tool that performs Automated Dynamic Application Penetration Testing for web applications. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10 vulnerabilities, and outputs categorized findings based on these potential vulnerabilities. ADAPT also uses\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3882,"url":"https:\/\/kalilinuxtutorials.com\/adapt\/","url_meta":{"origin":21728,"position":5},"title":"ADAPT : Tool That Performs Automated Penetration Testing for WebApps","author":"R K","date":"February 14, 2019","format":false,"excerpt":"ADAPT is a tool that performs Automated Dynamic Application Penetration Testing for web applications. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10 vulnerabilities, and outputs categorized findings based on these potential vulnerabilities. ADAPT also uses\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/21728","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=21728"}],"version-history":[{"count":13,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/21728\/revisions"}],"predecessor-version":[{"id":21816,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/21728\/revisions\/21816"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/21758"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=21728"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=21728"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=21728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}