It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010.
ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
- Intercepting Proxy
- Automated scanner
- Passive scanner
- Brute Force scanner
- Port scanner
- Dynamic SSL certificates
- Beanshell integration
A new version has been released, v1.3.0, the release adds the following main features:
- Fuzzing, using the JBroFuzz library
- Dynamic SSL Certificates
- Daemon mode and API
- BeanShell integration
- Full internationalization
- Out of the box support for 10 languages
You can download ZAP v1.3.0 here:
Or read more here.
- american fuzzy lop – Security Oriented Fuzzing Tool
- KeeFarce – Extract KeePass Passwords (2.x) From Database
- 0d1n – Web HTTP Fuzzing Tool
- OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing
- OWASP Zed Attack Proxy – Integrated Penetration Testing Tool
- Web Security Dojo 2.0 – Self-Contained Web Hacking Training
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,940,415 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,277,669 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 659,251 views