OWASP Zed Attack Proxy Project v1.1.0
It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who a new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
Some of ZAP’s features:
Some of ZAP’s characteristics:
- Easy to install (just requires java 1.6)
- Ease of use a priority
- Comprehensive help pages
- Under active development
- Open source
- Free (no paid for ‘Pro’ version)
- Cross platform
- Involvement actively encouraged
ZAP is a fork of the well regarded Paros Proxy.