The Zed Attack Proxy (ZAP) is an easy to use
integrated penetration testing tool for
finding vulnerabilities in web applications.
It is designed to be used by people with a
wide range of security experience and as
such is ideal for developers and functional
testers who are new to penetration testing.
ZAP provides automated scanners as well as
a set of tools that allow you to find security
vulnerabilities manually.
Features:
*.Intercepting Proxy
*.Automated scanner
*.Passive scanner
*.Brute Force scanner
*.Spider
*.Fuzzer
*.Port scanner
*.Dynamic SSL certificates
*.API
*.Beanshell integration
Characteristics:
*.Easy to install (just requires java 1.6)
*.Ease of use a priority
*.Comprehensive help pages
*.Fully internationalized
*.Under active development
*.Open source
*.Free (no paid for ‘Pro’ version)
*.Cross platform
*.Involvement actively encouraged
Download: ZAP 1.3.1 || zap-api-v2-4.jar from google
No comments:
Post a Comment