It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually
Some of ZAP's functionality:-
Intercepting Proxy
Traditional and AJAX spiders
Automated scanner
Passive scanner
Forced browsing
Fuzzer
Dynamic SSL certificates
Smartcard and Client Digital Certificates support
Web sockets support
Support for a wide range of scripting languages
Plug-n-Hack support
Authentication and session support
Powerful REST based API
Automatic updating option
Integrated and growing marketplace of add-ons
Download ZAP
ZAP 2.2.2 is available via the above link, for more details see the release notes
You can also get cross platform weekly releases which include all of the latest changes.
ZAP Is the Top Security Tool of 2013 as voted by ToolsWatch.org readers!
For more videos see the links on the wiki videos page.
Source-
0 comments:
Post a Comment