ZAP download | SourceForge.net

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application.

Features

ZAP can be run in a completely automated way
ZAP is a fork of the open source variant of the Paros Proxy
Designed specifically for testing web applications and is both flexible and extensible
It can be used as a stand-alone application, and as a daemon process
If there is another network proxy already in use, as in many corporate environments, ZAP can be configured to connect to that proxy
ZAP provides functionality for a range of skill levels – from developers, to testers new to security testing, to security testing specialists

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow ZAP

ZAP Web Site

Other Useful Business Software

AI-powered service management for IT and enterprise teams

Enterprise-grade ITSM, for every business

Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.

Try it Free

Rate This Project

User Reviews

Be the first to post a review of ZAP!

Additional Project Details

Programming Language

Java

Related Categories

Java Performance Testing Software, Java Penetration Testing Tool

Registered

2021-07-05

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Parasoft

Parasoft helps organizations continuously deliver high-quality software with its AI-powered software testing platform and automated test solutions. Supporting embedded and enterprise markets, Parasoft’s proven technologies reduce the time, effort, and cost of delivering secure, reliable, and...

See Software
OWASP ZAP

OWASP ZAP (Zed Attack Proxy) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known...

See Software
Carbide

Carbide is a tech-enabled service that strengthens your company’s information security and privacy management capabilities. Our platform and expert services are tailored for companies aiming for a sophisticated security posture, particularly valuable for organizations that must meet rigorous...

See Software
QA Wolf

Whether you're shipping web or mobile apps, QA Wolf has you covered. We build automated end-to-end tests for 80% of your user flows in weeks, maintain them 24 hours a day, and provide unlimited parallel test runs on our infrastructure. Did we mention that we guarantee zero flakes? We do that...

See Software