Search:

OWASP Releases Zed Attack Proxy (ZAP) 1.4.0

Monday, April 09, 2012

Headlines

69dafe8b58066478aea48f3d0f384820

OWASP has announced the release of an updated and improved Zed Attack Proxy (ZAP) 1.4.0 multi-function network security tool.

"The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications," the OWASP project flyer states.

"It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing, as well as being a useful addition to an experienced pen testers toolbox. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually," the flyer continues.

According to SECLists.org, the new version includes:

  • Syntax highlighting
  • fuzzdb integration
  • Parameter analysis
  • Enhanced XSS scanner
  • A port of some of the Watcher checks
  • Plugable extensions

Other functionalities include:

  • Intercepting proxy
  • Automated scanner
  • Passive scanner
  • Brute force scanner
  • Spider
  • Fuzzer
  • Port scanner
  • Dynamic SSL Certificates
  • API
  • Beanshell integration

The tool can be downloaded at no cost from the OWASP ZAP page here:

The following is an introductory tutorial video for ZAP with Simon Bennetts:

 

More information on ZAP 1.4.0 can be found here:

Share This! |
Possibly Related Articles:
6095
Network->General
OWASP Hacking Scanners Tools Penetration Testing Headlines Network Security Tutorial Zed Attack Proxy
Post Rating I Like this!
Comments:
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked


Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013
Latest Posts