Penetration Testing
OWASP Zed Attack Proxy 2.0.0 Jan 30 2013 03:54PM
psiinon (psiinon gmail com)
Hi folks,

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications.

It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to penetration testing as well as being a useful addition
to an experienced pen testers toolbox.

OWASP ZAP 2.0.0 is now available :
http://code.google.com/p/zaproxy/downloads/list

Quick summary of the main changes:
* An integrated add-ons marketplace
* A replacement for the 'standard' Spider
* A new 'Ajax' spider
* Web Socket support
* Session awareness
* Quick Start tab
* User defined Contexts
* Session scope
* Different modes
* A scripting console
* Authentication handling
* More API support
* Fine grained scanning controls
* New and improved active and passive scanning rules

For more details see the OWASP Blog post:
http://owasp.blogspot.com/2013/01/owasp-zed-attack-proxy-v-200.html

Many thanks to everyone who has contributed code, language files,
enhancement requests, bug reports and general feedback.

Simon

--
OWASP ZAP Project leader

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus