I've prepared a script for ZAP that allows encrypting the message body using RSA. I decided to reuse httpsender because I wanted this script to run in every possible mode (whether we're using proxy/requester, etc). This way, I also have the option for manual inspection of what I'm sending to the server. I've also prepared a similar solution for Burp and described everything under this link.
thc202
commented
4 months ago
Hi All,
I've prepared a script for ZAP that allows encrypting the message body using RSA. I decided to reuse httpsender because I wanted this script to run in every possible mode (whether we're using proxy/requester, etc). This way, I also have the option for manual inspection of what I'm sending to the server. I've also prepared a similar solution for Burp and described everything under this link.