Today, I learned about DNS, the way to do penetration testing by separating the people into 2 teams of attacker and defender, domain of OSSTMM, a bit of OWASP. I tried to use zap as a testing tool, zap is similar to paros proxy, it is a testing tool to test the security and vulnerability of your system.
First, scan the web which you want to find the vulnerability
Then, zap will show the possible vulnerabilities in the website in the form of alerts.
Clicking the alerts will show the description, and possible action to be taken to solve the problem
