This screen allows you to configure the fuzzing options:
The category that will initially be selected when the Fuzz dialog is displayed.
Allows you to add your own files to be used when fuzzing.
These should be text files with one payload per line.
Files are added to the ‘fuzzers’ directory underneath the ZAP home directory.
The number of fuzzers that have completed their execution and remain visible in the fuzzer tab.
The number of retries when an input/output error occurs sending a request to the target.
If the number of errors exceeds this limit, the fuzzer will stop its execution.
Rules that control the order in which multiple payload lists are iterated.
The number of threads the fuzzer will use per scan.
Increasing the number of threads will speed up the scan but may put extra strain on the computer ZAP is running on as well as the target.
The number of milliseconds between requests by the fuzzer to the target host. A delay is usually set to avoid getting blocked by the target or because the target implements some sort of throttling requirement.
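The custom fuzz file format described above (a text file with one payload per line) can be checked before the file is added through this screen. The following is an added example, not part of ZAP or its documentation; the function names, file names and sample payloads are constructed for illustration.

```python
"""Added example: clean a wordlist into 'one payload per line' form."""
import tempfile
from pathlib import Path


def normalize_payloads(raw: bytes) -> list[str]:
    """Return the payloads in order: text only, no blank lines, no duplicates."""
    if b"\x00" in raw:
        raise ValueError("NUL byte found: not a text file")
    text = raw.decode("utf-8")  # raises UnicodeDecodeError on non-UTF-8 input
    seen, payloads = set(), []
    # Split on LF only (after folding CRLF) so other characters inside a
    # payload, such as form feeds, are never treated as line breaks.
    for line in text.replace("\r\n", "\n").split("\n"):
        if line.strip() == "" or line in seen:
            continue  # skip blank lines and repeated payloads
        seen.add(line)
        payloads.append(line)  # inner and trailing spaces are kept as-is
    return payloads


def write_clean_fuzz_file(source: Path, dest: Path) -> int:
    """Write a cleaned copy of source to dest; return the payload count."""
    payloads = normalize_payloads(source.read_bytes())
    if not payloads:
        raise ValueError(f"{source} contains no payloads")
    dest.write_bytes(("\n".join(payloads) + "\n").encode("utf-8"))
    return len(payloads)


if __name__ == "__main__":
    # Constructed sample input: CRLF endings, a blank line and a duplicate.
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "raw-list.txt"
        out = Path(tmp) / "my-payloads.txt"
        src.write_bytes(b"test-value-1\r\n\r\ntest-value-2\ntest-value-1\n")
        count = write_clean_fuzz_file(src, out)
        print(f"{count} payloads written to {out.name}")
```

The cleaned file is then the one to select when adding a custom fuzz file on this screen.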