Jump to content

ZAP (software): Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Removes duplicate verb.
Citation bot (talk | contribs)
Bots
5,424,033 edits
Add: date, title. Changed bare reference to CS1/2. | Use this bot. Report bugs. | Suggested by Whoop whoop pull up | #UCB_webform 10/44
Line 7: Line 7:
| name = OWASP ZAP
| name = OWASP ZAP
| caption = "OWASP Zed Attack Proxy"
| caption = "OWASP Zed Attack Proxy"
| latest release version = 2.13.0<ref>https://www.zaproxy.org/blog/2023-07-12-zap-2.13.0/</ref>
| latest release version = 2.13.0<ref>{{cite web | url=https://www.zaproxy.org/blog/2023-07-12-zap-2.13.0/ | title=Zap 2.13.0 | date=12 July 2023 }}</ref>
| latest release date = {{release date and age|2023|07|12|df=yes}}
| latest release date = {{release date and age|2023|07|12|df=yes}}
| operating system = [[Linux]], [[Windows]], [[OS X]]
| operating system = [[Linux]], [[Windows]], [[OS X]]
Line 31: Line 31:
ZAP was originally forked from Paros, another pentesting proxy. Simon Bennetts, the project lead, stated in 2014 that only 20% of ZAP's source code was still from Paros.<ref>{{cite speech|url=https://www.youtube.com/watch?v=_MmDWenz-6U&t=23m30s|time=23:30|publisher=Oracle|event=JavaOne San Francisco 2014|date=2014|first=Simon|last=Bennetts|title=Security Testing for Developers Using OWASP ZAP|access-date=2 June 2015}}</ref>
ZAP was originally forked from Paros, another pentesting proxy. Simon Bennetts, the project lead, stated in 2014 that only 20% of ZAP's source code was still from Paros.<ref>{{cite speech|url=https://www.youtube.com/watch?v=_MmDWenz-6U&t=23m30s|time=23:30|publisher=Oracle|event=JavaOne San Francisco 2014|date=2014|first=Simon|last=Bennetts|title=Security Testing for Developers Using OWASP ZAP|access-date=2 June 2015}}</ref>


As of August 1, 2023, the ZAP development team announced that OWASP ZAP is leaving the OWASP Foundation to join [https://softwaresecurityproject.org/ The Software Security Project], as a founding project <ref>https://www.zaproxy.org/blog/2023-08-01-zap-is-joining-the-software-security-project/</ref> and henceforth will be simply called '''ZAP'''.
As of August 1, 2023, the ZAP development team announced that OWASP ZAP is leaving the OWASP Foundation to join [https://softwaresecurityproject.org/ The Software Security Project], as a founding project <ref>{{cite web | url=https://www.zaproxy.org/blog/2023-08-01-zap-is-joining-the-software-security-project/ | title=ZAP is Joining the Software Security Project | date=August 2023 }}</ref> and henceforth will be simply called '''ZAP'''.


==Features==
==Features==

Revision as of 03:29, 24 August 2023

OWASP ZAP
Stable release
2.13.0[1] / 12 July 2023; 17 months ago (2023-07-12)
Repository
Written inJava
Operating systemLinux, Windows, OS X
Available in25[2] languages
TypeComputer security
LicenseApache Licence
Websitewww.zaproxy.org

OWASP ZAP (short for Zed Attack Proxy) is an open-source web application security scanner. It is intended to be used by both those new to application security as well as professional penetration testers.

It has been one of the most active Open Web Application Security Project (OWASP) projects[3] and has been given Flagship status.[4]

When used as a proxy server it allows the user to manipulate all of the traffic that passes through it, including traffic using HTTPS.

It can also run in a daemon mode which is then controlled via a REST API.

ZAP was added to the ThoughtWorks Technology Radar on May 30, 2015 in the Trial ring.[5]

ZAP was originally forked from Paros, another pentesting proxy. Simon Bennetts, the project lead, stated in 2014 that only 20% of ZAP's source code was still from Paros.[6]

As of August 1, 2023, the ZAP development team announced that OWASP ZAP is leaving the OWASP Foundation to join The Software Security Project, as a founding project [7] and henceforth will be simply called ZAP.

Features

Some of the built in features include:

It has a plugin-based architecture and an online ‘marketplace’ which allows new or updated features to be added. The GUI control panel has been described as easy to use.[8]

Awards

  • One of the OWASP tools referred to in the 2015 Bossie award for The best open source networking and security software[9]
  • Second place in the Top Security Tools of 2014 as voted by ToolsWatch.org readers[10]
  • Top Security Tool of 2013 as voted by ToolsWatch.org readers[11]
  • Toolsmith Tool of the Year for 2011[12]

See also

References

  1. ^ "Zap 2.13.0". 12 July 2023.
  2. ^ "OWASP ZAP". Crowdin.com. Retrieved 3 November 2014.
  3. ^ "Open Web Application Security Project (OWASP)". Openhub.net. Retrieved 3 November 2014.
  4. ^ "OWASP Project Inventory". Owasp.org. Retrieved 3 November 2014.
  5. ^ "TECHNOLOGY RADAR Our thoughts on the technology and trends that are shaping the future" (PDF). Thoughtworks.com. Retrieved 6 May 2015.
  6. ^ Bennetts, Simon (2014). Security Testing for Developers Using OWASP ZAP (Speech). JavaOne San Francisco 2014. Oracle. Event occurs at 23:30. Retrieved 2 June 2015.
  7. ^ "ZAP is Joining the Software Security Project". August 2023.
  8. ^ Marcel Birkner (28 October 2013). "Automated Security Testing Web Applications Using OWASP Zed Attack Proxy test". Retrieved 22 November 2016.
  9. ^ InfoWorld (16 September 2015). "Bossie Awards 2015: The best open source networking and security software". Infoworld.com. Retrieved 21 September 2015.
  10. ^ "ToolsWatch.org – The Hackers Arsenal Tools Portal » 2014 Top Security Tools as Voted by ToolsWatch.org Readers". Toolswatch.org. Retrieved 16 January 2015.
  11. ^ "ToolsWatch.org – The Hackers Arsenal Tools Portal » 2013 Top Security Tools as Voted by ToolsWatch.org Readers". Toolswatch.org. Retrieved 3 November 2014.
  12. ^ Russ McRee (February 2012). "HolisticInfoSec: 2011 Toolsmith Tool of the Year: OWASP ZAP". Holisticinfosec.blogspot.com. Retrieved 3 November 2014.
Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=ZAP_(software)&oldid=1171951159"