Skip to content

Iphone530/zaproxy

 
 

License GitHub release Build Status CII Best Practices Coverity Scan Build Status Github Releases Javadocs OWASP Flagship Language grade: Java Twitter Follow

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

Please help us to make ZAP even better for you by answering the ZAP User Questionnaire!

ZAP in Ten - Video series

An ongoing series of up to 10 minute videos about ZAP, starting with the basics.

The first episode and the full series are available via:

For general information about ZAP:

  • Home page - the official ZAP page on the OWASP wiki (includes a donate button;)
  • Twitter - official ZAP announcements (low volume)
  • Blog - official ZAP blog
  • Monthly Newsletters - ZAP news, tutorials, 3rd party tools and featured contributors
  • Swag! - official ZAP swag that you can buy, as well as all of the original artwork released under the CC License

For help using ZAP:

Information about the official ZAP Jenkins plugin:

To learn more about ZAP development:

Justification

Justification for the statements made in the tagline at the top;)

Popularity:

  • ToolsWatch Annual Best Free/Open Source Security Tool Survey:

Contributors:

About

The OWASP ZAP core project

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Java 71.7%
  • HTML 26.1%
  • PHP 0.8%
  • Python 0.8%
  • Kotlin 0.3%
  • XSLT 0.1%
  • Other 0.2%