Thursday, July 28, 2011

Zed Attack Proxy (ZAP) – Integrated Penetration Testing Tool

Posted by org at 11:21 PM



The Zed Attack Proxy (ZAP) is an easy to use integrated penetrationtesting tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experienceand as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

Features:
Intercepting Proxy
Automated scanner
Passive scanner
Brute Force scanner
Spider
Fuzzer
Port scanner
Dynamic SSL certificates
API
Beanshell integration

Characteristics:
Easy to install (just requires java 1.6)
Ease of use a priority
Comprehensive help pages
Fully internationalized
Under active development
Open source
Free (no paid for ‘Pro’ version)
Cross platform
Involvement actively encouraged
Download: ZAP 1.3.1

 

Labels:

0 Comments:

Post a Comment



Subscribe to: Post Comments (Atom)