Transparent proxy from OWASP

By Posted in - Blog on December 22nd, 2016 0 Comments

ZAP seems like a very good tool for pen testing, but also for debugging HTTP requests between microservices.

The best thing is that it can be run with docker.

An example of setting it up as a transparent proxy with iptables is described here .

The key being to forward request port to ZAP, and it will automatically capture them.


iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination

Please leave a Comment

Solve : *
7 × 17 =