ZAP (software)

Last updated
ZAP by Checkmarx
Stable release
2.16.1 / 25 March 2025;8 months ago (2025-03-25)
Repository
Written in Java
Operating system Linux, Windows, macOS
Available in25 [1] languages
Type Dynamic application security testing
License Apache Licence
Website www.zaproxy.org

ZAP (Zed Attack Proxy) is a dynamic application security testing tool published under the Apache License. When used as a proxy server it allows the user to manipulate all of the traffic that passes through it, including HTTPS encrypted traffic. It can also run in a daemon mode, which is then controlled via a REST-based API.

Contents

History

ZAP was originally forked from Paros which was developed by Chinotec Technologies Company. [2] Simon Bennetts, the project lead, stated in 2014 that only 20% of ZAP's source code was still from Paros. [3]

The first release was announced on Bugtraq in September 2010, and became an OWASP project a few months later. [4] [5] In 2023, ZAP developers moved to the Linux Foundation, where they became a part of the Software Security Project. [6] [7] [8] As of September 24, 2024, all of the main developers joined Checkmarx as employees, and ZAP was rebranded as ZAP by Checkmarx. [9]

ZAP was listed in the 2015 InfoWorld Bossie award for "The best open source networking and security software". [10]

Features

Some of the built-in features include:

See also

Further reading

References

  1. "OWASP ZAP". Crowdin.com. Retrieved 3 November 2014.
  2. "ZAP – Paros Proxy". zaproxy.org. Retrieved 2024-10-18.
  3. Bennetts, Simon (2014). Security Testing for Developers Using OWASP ZAP (Speech). JavaOne San Francisco 2014. Oracle. Event occurs at 23:30. Retrieved 2 June 2015.
  4. Wylie, Phillip; Crawley, Kim (2021). The pentester blueprint: starting a career as an ethical hacker (1 ed.). Indianapolis: John Wiley and Sons. p. 75. ISBN   978-1-119-68430-5.
  5. "Bugtraq: The Zed Attack Proxy (ZAP) version 1.0.0". bugtraq . Retrieved 2024-10-18.
  6. "ZAP Core Team to move to Linux Foundation | OWASP Foundation".
  7. "ZAP is Joining the Software Security Project". August 1, 2023.
  8. "Welcoming ZAP to the Software Security Project". July 31, 2023.
  9. https://www.zaproxy.org/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/
  10. "Bossie Awards 2015: The best open source networking and security software". InfoWorld. Retrieved 2024-10-18.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.