OWASP ZAP

OWASP ZAP

OWASP
+
+

Related Products

  • Aikido Security
    72 Ratings
    Visit Website
  • Astra Pentest
    169 Ratings
    Visit Website
  • GitLab
    2,507 Ratings
    Visit Website
  • Heimdal Endpoint Detection and Response (EDR)
    54 Ratings
    Visit Website
  • Carbide
    88 Ratings
    Visit Website
  • Sahi Pro
    60 Ratings
    Visit Website
  • Testeum
    8 Ratings
    Visit Website
  • Cisco Umbrella
    1,177 Ratings
    Visit Website
  • Global App Testing
    48 Ratings
    Visit Website
  • KrakenD
    66 Ratings
    Visit Website

About

OWASP ZAP (Zed Attack Proxy) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known as a “man-in-the-middle proxy.” It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application, modify the contents if needed, and then forward those packets on to the destination. It can be used as a stand-alone application, and as a daemon process. ZAP provides functionality for a range of skill levels – from developers, to testers new to security testing, to security testing specialists. ZAP has versions for each major OS and Docker, so you are not tied to a single OS. Additional functionality is freely available from a variety of add-ons in the ZAP Marketplace, accessible from within the ZAP client.

About

OpenText Dynamic Application Security Testing (DAST) is an automated solution that simulates real-world attacks on live applications, APIs, and services to identify exploitable vulnerabilities. It operates on running production environments, requiring no source code or staging setup. Designed for modern DevSecOps teams, the platform prioritizes vulnerabilities for root cause analysis and integrates seamlessly through REST APIs and an intuitive user interface. OpenText DAST supports automation in CI/CD pipelines, reducing manual efforts while accelerating security feedback. It covers modern web technologies like HTML5, JSON, AJAX, JavaScript, and HTTP2 to ensure comprehensive testing. Flexible deployment options allow organizations to run the solution on public cloud, private cloud, or on-premises environments.

Platforms Supported

Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook

Platforms Supported

Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook

Audience

A Security Testing application for DevOps teams or companies

Audience

DevSecOps and security teams looking for automated, scalable, real-time vulnerability testing on live applications and APIs integrated into CI/CD workflows

Support

Phone Support
24/7 Live Support
Online

Support

Phone Support
24/7 Live Support
Online

API

Offers API

API

Offers API

Screenshots and Videos

Screenshots and Videos

Pricing

No information available.
Free Version
Free Trial

Pricing

No information available.
Free Version
Free Trial

Reviews/Ratings

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Reviews/Ratings

Overall 0.0 / 5
ease 0.0 / 5
features 0.0 / 5
design 0.0 / 5
support 0.0 / 5

This software hasn't been reviewed yet. Be the first to provide a review:

Review this Software

Training

Documentation
Webinars
Live Online
In Person

Training

Documentation
Webinars
Live Online
In Person

Company Information

OWASP
Founded: 2001
United States
www.zaproxy.org

Company Information

OpenText
Founded: 1991
Canada
www.opentext.com/products/dynamic-application-security-testing

Alternatives

Caido

Caido

Caido Labs Inc.

Alternatives

OWASP ZAP

OWASP ZAP

OWASP
Burp Suite

Burp Suite

PortSwigger
Burp Suite

Burp Suite

PortSwigger
WebScanner

WebScanner

DefenseCode
Acunetix

Acunetix

Invicti Security

Categories

Categories

Integrations

Kondukto
Seeker
ThreadFix
ArmorCode
Bizzy
Blink
Conviso Platform
CyCognito
Docker
FuzzDB
Hexway Pentest Suite
IRI FieldShield
Nucleus
Parasoft
Phoenix Security
Prancer
SQUAD1
Seconize DeRisk Center
Sn1per Professional
Subject7

Integrations

Kondukto
Seeker
ThreadFix
ArmorCode
Bizzy
Blink
Conviso Platform
CyCognito
Docker
FuzzDB
Hexway Pentest Suite
IRI FieldShield
Nucleus
Parasoft
Phoenix Security
Prancer
SQUAD1
Seconize DeRisk Center
Sn1per Professional
Subject7
Claim OWASP ZAP and update features and information
Claim OWASP ZAP and update features and information
Claim OpenText Dynamic Application Security Testing and update features and information
Claim OpenText Dynamic Application Security Testing and update features and information