Objective: To utilize automated scanning tools to perform comprehensive reconnaissance and identify high-risk web vulnerabilities within an authenticated session.

1. The Vulnerability: Presence of Known Attack Vectors (OWASP Top 10)

During the initial assessment, the web application was found to host multiple critical security flaws, including SQL Injection, Cross-Site Scripting (XSS), and CSRF. These vulnerabilities represent systematic failures in input validation and session management, which, if exploited, could lead to unauthorized data access or the execution of malicious scripts in the browsers of legitimate users.

2. Technical Execution: Automated Passive & Active Scanning

I utilized OWASP ZAP (Zed Attack Proxy) to perform a structured vulnerability assessment of the WebGoat environment. By routing browser traffic through ZAP, I conducted passive scans to identify header-level issues and active scans to probe input parameters for injection-based flaws.

| Component | Value | Purpose |
|---|---|---|
| Scanning Engine | OWASP ZAP | Automation of vulnerability detection and traffic interception. |
| Test Environment | WebGoat | Target application for hands-on security testing. |
| Proxy Configuration | localhost:8080 | Facilitates the interception of requests for real-time analysis. |
| Scan Type | Active Scanning | Dynamically testing input fields with malicious payloads. |

3. Execution Workflow

  1. Environment Setup: Launched the WebGoat application via the command line and verified availability on the local host.
  2. Interception Configuration: Configured the browser to use OWASP ZAP as a local proxy and imported the ZAP CA certificate to ensure visibility into HTTPS/encrypted traffic.
  3. Passive Discovery: Interacted with various application modules while ZAP performed background analysis of request and response headers.
  4. Active Probing: Triggered the ZAP Active Scanner on the application tree to systematically test parameters for high-impact vulnerabilities like SQLi and Path Traversal.
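
One way to triage the alerts this workflow produces, as an added example that is not part of the original write-up. It assumes the alerts were exported from ZAP as a JSON report in the traditional layout (site, alerts, instances); the sample report, lesson paths and parameter names are constructed.

```python
import json
from collections import defaultdict

# Constructed sample in the assumed layout of a ZAP JSON report
# (site[].alerts[] with riskcode, confidence, cweid, instances[]). Not real scan output.
SAMPLE_REPORT = json.dumps({"site": [{"@name": "http://localhost:8080", "alerts": [
    {"alert": "Missing Anti-clickjacking Header", "riskcode": "2", "confidence": "2", "cweid": "1021",
     "instances": [{"uri": "http://localhost:8080/WebGoat/login", "method": "GET", "param": "x-frame-options"}]},
    {"alert": "SQL Injection", "riskcode": "3", "confidence": "2", "cweid": "89",
     "instances": [{"uri": "http://localhost:8080/WebGoat/lesson-a", "method": "POST", "param": "account"},
                   {"uri": "http://localhost:8080/WebGoat/lesson-b", "method": "POST", "param": "name"}]},
    {"alert": "SQL Injection", "riskcode": "3", "confidence": "1", "cweid": "89",
     "instances": [{"uri": "http://localhost:8080/WebGoat/lesson-a", "method": "POST", "param": "account"}]},
    {"alert": "Timestamp Disclosure", "riskcode": "0", "confidence": "1", "cweid": "200",
     "instances": [{"uri": "http://localhost:8080/WebGoat/start", "method": "GET", "param": ""}]},
]}]})

RISK_LABEL = {0: "Informational", 1: "Low", 2: "Medium", 3: "High"}

def triage(report_json, min_risk=2):
    """Merge alerts by (name, CWE), drop those below min_risk, and return
    findings ordered by risk, then confidence, then number of affected endpoints."""
    merged = defaultdict(lambda: {"riskcode": 0, "confidence": 0, "targets": set()})
    for site in json.loads(report_json).get("site", []):
        for alert in site.get("alerts", []):
            risk = int(alert.get("riskcode", 0))
            if risk < min_risk:
                continue
            entry = merged[(alert.get("alert", "unknown"), alert.get("cweid", "-1"))]
            entry["riskcode"] = max(entry["riskcode"], risk)
            entry["confidence"] = max(entry["confidence"], int(alert.get("confidence", 0)))
            for inst in alert.get("instances", []):  # the set de-duplicates repeated endpoints
                entry["targets"].add((inst.get("method", ""), inst.get("uri", ""), inst.get("param", "")))
    findings = [
        {"name": name, "cwe": cwe, "riskcode": e["riskcode"], "risk": RISK_LABEL[e["riskcode"]],
         "confidence": e["confidence"], "targets": sorted(e["targets"])}
        for (name, cwe), e in merged.items()
    ]
    findings.sort(key=lambda f: (-f["riskcode"], -f["confidence"], -len(f["targets"])))
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        print(f'{f["risk"]:<8} CWE-{f["cwe"]:<5} {f["name"]} ({len(f["targets"])} endpoint(s))')
        for method, uri, param in f["targets"]:
            print(f"    {method} {uri} param={param!r}")
```
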

4. Key Commands

# Launching the vulnerable application via CLI
java -jar webgoat-2025.3.jar

# Verifying the listener port is active
netstat -ano | findstr 8080

5. Evidence of Work

Caption: Discovery phase showing the successful initialization of the target environment and proxy listener.

Caption: Results/Impact phase showing the comprehensive alert dashboard with identified High and Medium risk vulnerabilities.

6. Professional Impact

This project demonstrates the ability to manage the Full Vulnerability Lifecycle, from environment setup to discovery. By identifying these flaws through automation, I provided a “Post-Mortem” that allows an organization to prioritize remediation efforts based on risk level. This systematic approach ensures that Data Confidentiality is maintained by uncovering potential leaks before they can be leveraged by an external adversary.