2. What is ZAP ?
● The OWASP ZED Attack proxy (ZAP) is a penetration testing tool for finding
vulnerabilities in the web applications.
● Designed to be used by people with wide range of security experience.
● Cross platform.
● Marketplace.
● Released on September 2010.
● Current version 2.7.0
3.
4. Key Features of ZAP
● Intercepting proxy
● Spider
● Active and Passive scanners
● Fuzzing
● Report Generation
7. More ZAP Features….
● Authentication and session support
● Smartcard and client digital certificate support
● Anti CSRF token handling
● Port scanner
● WebSockets support.
● Marketplace
8. Some more tools to explore...
● Kali Linux
● Iron wasp
● Vega
● Nikto
● OWASP Xenotix XSS Exploit Framework