ZAP (Zed Attack Proxy)
zaproxy.orgThe world's most widely used web app scanner. Free and open source.
Securityweb-securitypenetration-testingvulnerability-scanneropen-sourceautomationsecurity-testingowasp
About
Zed Attack Proxy (ZAP) is a free, open-source web application security scanner widely used by security professionals and developers. It offers both manual and automated options for finding vulnerabilities in web applications, with a marketplace of community-contributed add-ons to extend functionality. ZAP is a GitHub Top 1000 project maintained by an international volunteer community.
Problem
Identifying and exploiting security vulnerabilities in web applications is complex and requires specialized tooling.
For
Security testers, penetration testers, and developers who want to scan web applications for vulnerabilities
How it works
ZAP intercepts and scans web application traffic to automatically detect security issues, and can be extended with community add-ons or integrated into CI/CD pipelines via its automation features.
Business model
open-source
Status
launched