Home > Software > Webdevelopment > Testing > Zed Attack Proxy (ZAP)

Details

Package ID

zap

Version

2.9.0

Downloads

31000

Website

https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Summary

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

Description

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

Features

Some of ZAP’s functionality:

• Intercepting Proxy
• Traditional and AJAX spiders
• Automated scanner
• Passive scanner
• Forced browsing
• Fuzzer
• Dynamic SSL certificates
• Smartcard and Client Digital Certificates support
• Web sockets support
• Support for a wide range of scripting languages
• Plug-n-Hack support
• Authentication and session support
• Powerful REST based API
• Automatic updating option
• Integrated and growing marketplace of add-ons

Comments