The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who a new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
- Intercepting proxy
- Automated scanner
- Passive scanner
The next release of OWASP ZAP, planned for later this year, is expected to include:
- OWASP rebranding
- Improvements to the passive and active automated scanners
- Improvements the Spider
- The addition a basic port scanner
- The ability to brute force files and directories (using components from DirBuster)
ZAP is actually a fork from Paros Proxy.
You can download ZAP v1.0 here:
Or read more here.
Recent in Hacking Tools:
- Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool
- CrowdRE – Crowdsourced Reverse Engineering Service From CrowdStrike
- XMPPloit – A Tool to Attack XMPP Connections
- Zed Attack Proxy – ZAProxy v1.3.0 Released – Integrated Penetration Testing Tool
- OWASP (Open Web Application Security Project) Testing Guide v3 Released
- OWASP Bricks – Modular Deliberately Vulnerable Web Application
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,798,994 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 995,230 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 590,983 views