Objective: To utilize automated scanning tools to perform comprehensive reconnaissance and identify high-risk web vulnerabilities within an authenticated session.
1. The Vulnerability: Presence of Known Attack Vectors (OWASP Top 10)
During the initial assessment, the web application was found to host multiple critical security flaws, including SQL Injection, Cross-Site Scripting (XSS), and CSRF. These vulnerabilities represent systematic failures in input validation and session management, which, if exploited, could lead to unauthorized data access or the execution of malicious scripts in the browsers of legitimate users.
2. Technical Execution: Automated Passive & Active Scanning
I utilized OWASP ZAP (Zed Attack Proxy) to perform a structured vulnerability assessment of the WebGoat environment. By routing browser traffic through ZAP, I conducted passive scans to identify header-level issues and active scans to probe input parameters for injection-based flaws.
| Component | Value | Purpose |
|---|---|---|
| Scanning Engine | OWASP ZAP | Automation of vulnerability detection and traffic interception. |
| Test Environment | WebGoat | Target application for hands-on security testing. |
| Proxy Configuration | localhost:8080 | Facilitates the interception of requests for real-time analysis. |
| Scan Type | Active Scanning | Dynamically testing input fields with malicious payloads. |
3. Execution Workflow
- Environment Setup: Launched the WebGoat application via the command line and verified availability on the local host.
- Interception Configuration: Configured the browser to use OWASP ZAP as a local proxy and imported the ZAP CA certificate to ensure visibility into HTTPS/encrypted traffic.
- Passive Discovery: Interacted with various application modules while ZAP performed background analysis of request and response headers.
- Active Probing: Triggered the ZAP Active Scanner on the application tree to systematically test parameters for high-impact vulnerabilities like SQLi and Path Traversal.
4. Key Commands
```powershell
# Launching the vulnerable application via CLI
java -jar webgoat-2025.3.jar
# Verifying the listener port is active
netstat -ano | findstr 8080
```
5. Evidence of Work


6. Professional Impact
This project demonstrates the ability to manage the Full Vulnerability Lifecycle, from environment setup to discovery. By identifying these flaws through automation, I provided a “Post-Mortem” that allows an organization to prioritize remediation efforts based on risk level. This systematic approach ensures that Data Confidentiality is maintained by uncovering potential leaks before they can be leveraged by an external adversary.
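One way to turn the scanner's alerts into a remediation queue ordered by risk level is sketched below. This is an added example, not part of the original write-up or ZAP's own code; it assumes the field names of ZAP's JSON report (`site`, `alerts`, `riskcode`, `confidence`, `cweid`, `instances`), and the sample report, host and paths are constructed.

```python
import json

RISK = {3: "High", 2: "Medium", 1: "Low", 0: "Informational"}

# Constructed sample shaped like a ZAP JSON report; not real scan output.
SAMPLE = json.dumps({"site": [{"@name": "http://target.example", "alerts": [
    {"name": "X-Content-Type-Options Header Missing", "riskcode": "1",
     "confidence": "2", "cweid": "693", "instances": [
         {"uri": "http://target.example/app/a", "method": "GET", "param": ""},
         {"uri": "http://target.example/app/b", "method": "GET", "param": ""}]},
    {"name": "SQL Injection", "riskcode": "3", "confidence": "2", "cweid": "89",
     "instances": [
         {"uri": "http://target.example/app/search", "method": "POST", "param": "q"},
         {"uri": "http://target.example/app/search", "method": "POST", "param": "q"}]},
    {"name": "Path Traversal", "riskcode": "3", "confidence": "1", "cweid": "22",
     "instances": [
         {"uri": "http://target.example/app/file", "method": "GET", "param": "name"}]},
    {"name": "Cross Site Scripting (Reflected)", "riskcode": "3",
     "confidence": "0", "cweid": "79", "instances": []},
]}]})


def triage(report_text):
    """Return alerts ranked for remediation: risk, then confidence, then spread."""
    findings = []
    for site in json.loads(report_text).get("site", []):
        for alert in site.get("alerts", []):
            risk, conf = int(alert["riskcode"]), int(alert["confidence"])
            if conf == 0:  # ZAP confidence 0 means the alert was marked false positive
                continue
            # Collapse repeated hits on the same method/URL/parameter.
            targets = sorted({(i["method"], i["uri"], i.get("param", ""))
                              for i in alert.get("instances", [])})
            findings.append({
                "name": alert["name"], "risk": RISK[risk], "riskcode": risk,
                "confidence": conf, "cwe": "CWE-" + alert.get("cweid", "?"),
                "targets": targets,
                "verify_manually": conf < 2,  # low confidence: confirm before filing
            })
    findings.sort(key=lambda f: (-f["riskcode"], -f["confidence"], -len(f["targets"])))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f'{f["risk"]:<8}{f["cwe"]:<9}{f["name"]}: {len(f["targets"])} target(s)')
```

Low-confidence alerts stay in the queue but carry `verify_manually`, so a High-risk finding the scanner is unsure about is confirmed by hand before it is filed.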