Skip to content
The OWASP ZAP core project
Java HTML PHP Python Kotlin XSLT Other
Branch: develop
Clone or download
Pull request Compare This branch is 75 commits behind zaproxy:develop.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
buildSrc
docker
docs
examples
gradle
php/api/zapv2
python/scripts
snap
zap
.gitattributes
.gitignore
.travis.yml
BUILDING.md
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LEGALNOTICE.md
LICENSE
README.md
build.gradle.kts
gradle.properties
gradlew
gradlew.bat
settings.gradle.kts

README.md

OWASP ZAP

License GitHub release Build Status CII Best Practices Coverity Scan Build Status Github Releases Javadocs OWASP Flagship Language grade: Java Twitter Follow

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

Please help us to make ZAP even better for you by answering the ZAP User Questionnaire!

For general information about ZAP:

  • Home page - the official ZAP page on the OWASP wiki (includes a donate button;)
  • Twitter - official ZAP announcements (low volume)
  • Blog - official ZAP blog
  • Monthly Newsletters - ZAP news, tutorials, 3rd party tools and featured contributors
  • Swag! - official ZAP swag that you can buy, as well as all of the original artwork released under the CC License

For help using ZAP:

Information about the official ZAP Jenkins plugin:

To learn more about ZAP development:

Justification

Justification for the statements made in the tagline at the top;)

Popularity:

  • ToolsWatch Annual Best Free/Open Source Security Tool Survey:

Contributors:

You can’t perform that action at this time.