darknet.org.uk| 20 June 2011
It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010.
ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
- Intercepting Proxy
- Automated scanner
- Passive scanner
- Brute Force scanner
- Port scanner
- Dynamic SSL certificates
- Beanshell integration
A new version has been released, v1.3.0, the release adds the following main features:
- Fuzzing, using the JBroFuzz library
- Dynamic SSL Certificates
- Daemon mode and API
- BeanShell integration
- Full internationalization
- Out of the box support for 10 languages
You can download ZAP v1.3.0 here:
Filed under: Software, Tool-Security | Tagged: intercepting proxy, owasp, owasp zap, owasp zed attack proxy, proxy-tool, web application security tool, Web Hacking, web-application-scanner, web-application-security, web-hacking-tool, windows proxy tool, zap, zaproxy, Zed Attack Proxy |