OWASP Zed Attack Proxy download

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

Note that this project is no longer used for hosting the ZAP downloads.
You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads
Please see the homepage for more information about OWASP ZAP

Features

Intercepting Proxy
Traditional and AJAX Spiders
Active and Passive scanners
Fuzzing
.. and much more

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow OWASP Zed Attack Proxy

OWASP Zed Attack Proxy Web Site

Other Useful Business Software

Gen AI apps are built with MongoDB Atlas

The database for AI-powered applications.

MongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.

Start Free

Rate This Project

User Reviews

Be the first to post a review of OWASP Zed Attack Proxy!

Additional Project Details

Intended Audience

Developers, Quality Engineers, Security, Security Professionals, Testers

User Interface

Java Swing

Programming Language

Java

Related Categories

Java Security Software, Java Penetration Testing Tool

Registered

2013-12-10

Similar Business Software

OWASP ZAP

OWASP ZAP (Zed Attack Proxy) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known...

See Software
Panoptic Scans

Panoptic Scans is a vulnerability scanning software offering automated security assessments for applications and networks. Leveraging OpenVAS, ZAP, and Nmap, it identifies security issues and scans for OWASP Top 10 vulnerabilities, delivering detailed reports for easy remediation. The...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
BeEF

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture...

See Software
SOCRadar Extended Threat Intelligence

SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack...

See Software
EthicalCheck

Submit API test requests via the UI form or invoke EthicalCheck API using cURL/Postman. Request input requires a public-facing OpenAPI Spec URL, an API authentication token valid for at least 10 mins, an active license key, and an email. EthicalCheck engine automatically creates and runs custom...

See Software