How to configure OWASP ZAP 2.9.0 proxy and Firefox proxy and do a session recording.

Open OWASP ZAP 2.9.0 by doubble click and run the “zap.bat” file in C:\Program Files\OWASP\Zed Attack Proxy

In the OWASP ZAP 2.9.0 application , click tools >Options and then seach for “local proxies”

Type 127.0. 0.1 or give as localhost and click ok

Open Firefox and go to options > network settings

Setup manual proxy configuration as per below. Make sure to put the checkbox.

The next step is generating a certificate for Firefox browser. In the OWASP ZAP 2.9.0 application, go to tools >Dynamic SSL Certificates

Click generate and save the certificate to your hard drive.

In Firefox browser, go to about:preferences#privacy by typing this or go to Privacy and Security section.

Scroll down and click “View certificates” then click import and import the certificate.

Added certificate should be displayed. The name is “owasp_zap_root_ca”.

In the tool, make sure that interception is off if it’s green it’s off so it’s allows to request come from Firefox to ZAP tool. Conversely, to turn it on click on it so it will turn to red and browser requests will not be recorded in tool.

Then go to the tool in manual explore, give the url ,select browser type and launch the browser.

Firefox will be loaded ,and do some navigation like filling a form, in the tool under sites , the details will be loaded.

Optionally , in the tool also can add additional proxies.