↓ download on github


The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

Please help us to make ZAP even better for you by answering the https://docs.google.com/forms/d/1-k-vcj_sSxlil6XLxCFade-m-IQVeE2h9gduA-2ZPPA/viewform!

For general information about ZAP:

For help using ZAP:

Information about the official ZAP Jenkins plugin:

To learn more about ZAP development:


Justification for the statements made in the tagline at the top;)



Tools Web