Thursday, July 28, 2011



The Zed Attack Proxy (ZAP) is an easy to use integrated penetrationtesting tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experienceand as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

Features:
Intercepting Proxy
Automated scanner
Passive scanner
Brute Force scanner
Spider
Fuzzer
Port scanner
Dynamic SSL certificates
API
Beanshell integration

Characteristics:
Easy to install (just requires java 1.6)
Ease of use a priority
Comprehensive help pages
Fully internationalized
Under active development
Open source
Free (no paid for ‘Pro’ version)
Cross platform
Involvement actively encouraged
Download: ZAP 1.3.1

0 Comments:

Post a Comment