ZAP (software)
| ZAP by Checkmarx | |
|---|---|
 Logo including Checkmarx, since 2024 | |
 | |
| Repository |
|
| Written in | Java |
| Engine | |
| Operating system | Linux, Windows, macOS |
| Available in | 25[1] languages |
| Type | Dynamic application security testing |
| License | Apache Licence |
| Website | www |
ZAP (Zed Attack Proxy) is a dynamic application security testing tool published under the Apache License. When used as a proxy server it allows the user to manipulate all of the traffic that passes through it, including HTTPS encrypted traffic. It can also run in a daemon mode, which is then controlled via a REST-based API.
History
[edit | edit source]ZAP was originally forked from Paros which was developed by Chinotec Technologies Company.[2] Simon Bennetts, the project lead, stated in 2014 that only 20% of ZAP's source code was still from Paros.[3]
The first release was announced on Bugtraq in September 2010, and became an OWASP project a few months later.[4][5] In 2023, ZAP developers moved to the Linux Foundation, where they became a part of the Software Security Project.[6][7][8] As of September 24, 2024, all of the main developers joined Checkmarx as employees, and ZAP was rebranded as ZAP by Checkmarx.[9]
ZAP was listed in the 2015 InfoWorld Bossie award for "The best open source networking and security software".[10]
Features
[edit | edit source]Some of the built-in features include:
- An intercepting proxy server,
- Traditional and AJAX Web crawlers
- An automated scanner
- A passive scanner
- Forced browsing
- A fuzzer
- WebSocket support
- Scripting languages
- Plug-n-Hack support
See also
[edit | edit source]Lua error in mw.title.lua at line 392: bad argument #2 to 'title.new' (unrecognized namespace name 'Portal').
Further reading
[edit | edit source]- Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
References
[edit | edit source]- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ https://www.zaproxy.org/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).