It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010.
ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
- Intercepting Proxy
- Automated scanner
- Passive scanner
- Brute Force scanner
- Port scanner
- Dynamic SSL certificates
- Beanshell integration
A new version has been released, v1.3.0, the release adds the following main features:
- Fuzzing, using the JBroFuzz library
- Dynamic SSL Certificates
- Daemon mode and API
- BeanShell integration
- Full internationalization
- Out of the box support for 10 languages
You can download ZAP v1.3.0 here:
Or read more here.
- Blackhash – Audit Passwords Without Hashes
- EyeWitness – A Rapid Web Application Triage Tool
- wig – WebApp Information Gatherer – Identify CMS
- OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing
- OWASP Bricks – Modular Deliberately Vulnerable Web Application
- Burp Suite v1.3 Released – Integrated Platform For Attacking Web Applications
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,845,555 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,030,874 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 613,570 views