It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010.
ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
- Intercepting Proxy
- Automated scanner
- Passive scanner
- Brute Force scanner
- Port scanner
- Dynamic SSL certificates
- Beanshell integration
A new version has been released, v1.3.0, the release adds the following main features:
- Fuzzing, using the JBroFuzz library
- Dynamic SSL Certificates
- Daemon mode and API
- BeanShell integration
- Full internationalization
- Out of the box support for 10 languages
You can download ZAP v1.3.0 here:
Or read more here.
- SamuraiWTF 3.x And Onwards – Web Testing Framework Linux LiveCD
- Watcher – Passive Web Application Vulnerability Scanner
- Pentoo – Gentoo Based Penetration Testing Linux LiveCD
- OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing
- OWASP Bricks – Modular Deliberately Vulnerable Web Application
- Burp Suite v1.3 Released – Integrated Platform For Attacking Web Applications
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,902,682 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,130,602 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 639,758 views