Skip to content
psiinon edited this page Jun 4, 2015 · 4 revisions

OWASP ZAP User Guide

Welcome to the The OWASP Zed Attack Proxy (ZAP) User Guide.

This is available both as context sensitive help within ZAP and online at

ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

If you are new to ZAP then its recommended that you look at the Getting Started section.

ZAP is a fork of the open source variant of the Paros Proxy.

See also

     Getting Started for details of how to start using ZAP
     Basic concepts for details of various basic concepts
     UI Overview for an overview of the User Interface
     Command Line for the command line options available
     Releases for details of the changes made in ZAP releases

External links

     ZAP homepage
     Wikipedia entry for proxies
     Paros proxy
Clone this wiki locally
You can’t perform that action at this time.