The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications.
It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to penetration testing as well as being a useful addition
to an experienced pen testers toolbox.
OWASP ZAP 2.0.0 is now available :
http://code.google.com/p/zaproxy/downloads/list
Quick summary of the main changes:
* An integrated add-ons marketplace
* A replacement for the 'standard' Spider
* A new 'Ajax' spider
* Web Socket support
* Session awareness
* Quick Start tab
* User defined Contexts
* Session scope
* Different modes
* A scripting console
* Authentication handling
* More API support
* Fine grained scanning controls
* New and improved active and passive scanning rules
For more details see the OWASP Blog post:
http://owasp.blogspot.com/2013/01/owasp-zed-attack-proxy-v-200.html
Many thanks to everyone who has contributed code, language files,
enhancement requests, bug reports and general feedback.
Simon
--
OWASP ZAP Project leader
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications.
It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to penetration testing as well as being a useful addition
to an experienced pen testers toolbox.
OWASP ZAP 2.0.0 is now available :
http://code.google.com/p/zaproxy/downloads/list
Quick summary of the main changes:
* An integrated add-ons marketplace
* A replacement for the 'standard' Spider
* A new 'Ajax' spider
* Web Socket support
* Session awareness
* Quick Start tab
* User defined Contexts
* Session scope
* Different modes
* A scripting console
* Authentication handling
* More API support
* Fine grained scanning controls
* New and improved active and passive scanning rules
For more details see the OWASP Blog post:
http://owasp.blogspot.com/2013/01/owasp-zed-attack-proxy-v-200.html
Many thanks to everyone who has contributed code, language files,
enhancement requests, bug reports and general feedback.
Simon
--
OWASP ZAP Project leader
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
[ reply ]