OWASP ZAP

License GitHub release Java CI CII Best Practices Github Releases javadoc CodeQL Quality Gate Status Open Source Helpers Twitter Follow

Integration Tests Docker Live Release

The Zed Attack Proxy (ZAP) by Checkmarx is the world’s most widely used web app scanner. Free and open source. A community based GitHub Top 1000 project that anyone can contribute to.

It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.

For more details about ZAP see the website: zaproxy.org