Permalink
Switch branches/tags
Nothing to show
Find file Copy path
42ac113 Jun 7, 2018
4 contributors

Users who have contributed to this file

@toolswatch @Chan9390 @psiinon @badzack
48 lines (29 sloc) 2.55 KB

ZAP

Description

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

Some of the built in features include: Intercepting proxy server, Traditional and AJAX Web crawlers, Automated scanner, Passive scanner, Forced browsing, Fuzzer, WebSocket support, Scripting languages, and Plug-n-Hack support. It has a plugin-based architecture and an online ‘marketplace’ which allows new or updated features to be added. The GUI control panel is easy to use, and the API functions make it ideal for automation testing and continuous assessments in a SDLC.

Categories

  • Web Application
  • OWASP
  • Pentest
  • Web API Security
  • Vulnerability assessment

Black Hat sessions

Black Hat Arsenal USA Black Hat Arsenal EU Black Hat Arsenal USA

Popularity

ToolsWatch Annual Best Free/Open Source Security Tool Survey:

1st 2nd 1st 2nd

Code

Lead Developer

Mozilla \ Simon Bennetts - https://github.com/psiinon

Social Media