OWASP Zed Attack Proxy download

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

Note that this project is no longer used for hosting the ZAP downloads.
You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads
Please see the homepage for more information about OWASP ZAP

Features

Intercepting Proxy
Traditional and AJAX Spiders
Active and Passive scanners
Fuzzing
.. and much more

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow OWASP Zed Attack Proxy

OWASP Zed Attack Proxy Web Site

Other Useful Business Software

Go From AI Idea to AI App Fast

One platform to build, fine-tune, and deploy ML models. No MLOps team required.

Access Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.

Try Free

Rate This Project

User Reviews

Be the first to post a review of OWASP Zed Attack Proxy!

Additional Project Details

Intended Audience

Developers, Quality Engineers, Security, Security Professionals, Testers

User Interface

Java Swing

Programming Language

Java

Related Categories

Java Security Software, Java Penetration Testing Tool

Registered

2013-12-10

Similar Business Software

Panoptic Scans

Panoptic Scans is a vulnerability scanning software offering automated security assessments for applications and networks. Leveraging OpenVAS, ZAP, Nuclei, and Nmap, it identifies security issues and scans for OWASP Top 10 vulnerabilities, delivering detailed reports for easy...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
OWASP ZAP

OWASP ZAP (Zed Attack Proxy) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known...

See Software
SOCRadar Extended Threat Intelligence

SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ManageEngine ADManager Plus

ADManager Plus is a simple, easy-to-use Windows Active Directory (AD) management and reporting solution that helps AD administrators and help desk technicians in their day-to-day activities. With a centralized and intuitive web-based GUI, the software handles a variety of complex tasks like bulk...

See Software