Hi folks,
OWASP ZAP 2.3.0 is now available :
http://code.google.com/p/zaproxy/wiki/Downloads?tm=2
Quick summary of the main changes:
* A ZAP 'lite' version in addition to the existing 'full' version
* View, intercept, manipulate, resend and fuzz client-side (browser) events
* Enhanced
The OWASP Vulnerable Web Applications Directory (VWAD) Project is a
comprehensive and well maintained registry of all known vulnerable web
applications currently available. These vulnerable web applications
can be used by web developers, security auditors and penetration
testers to put in practice
Hi folks,
ZAP 2.2.0 is now available from http://code.google.com/p/zaproxy/downloads/list
This includes support for scripts embedded in ZAP components like the
active and passive scanners as well as support for Zest - a new
security focused scripting language from the Mozilla security team.
It
Hi folks,
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications.
It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to
Hi folks,
I'm very pleased to announce that version 1.4.0 of the OWASP Zed
Attack Proxy (ZAP) has now been released.
This release adds the following main features:
* Syntax highlighting
* fuzzdb integration
* Parameter analysis
* Enhanced XSS scanner
* A port of some of the Watcher checks
*
to the OWASP Zed Attack
Proxy at OWASP AppSec EU on Friday 10th June.
Many thanks to everyone who contributed code, language files,
enhancement requests, bug reports and general feedback.
Psiinon
future I'm hoping to add things like:
* Ajax requests
* More vulnerabilities (of course)
Any feedback (or offers of help to develop it further;) would be appreciated.
Many thanks,
Psiinon
the ZAP
homepage: http://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Many thanks to everyone who contributed code, language files,
enhancement requests, bug reports and general feedback.
Psiinon
* Improvements to the passive and active automated scanners
* Improvements the Spider
* The addition a basic port scanner
* The ability to brute force files and directories (using
components from DirBuster)
* Further internationalization
Many thanks,
Psiinon