It is designed for use by people with a variety of security experience and thus is ideal for developers and new pentester to conduct pentest.
ZAP provides automated scanners and a set of tools that allow a website to find security vulnerabilities manually.
Feature On ZAP:
- Intercepting Proxy
- Automated scanner
- Passive scanner
- Brute Force scanner
- Spider
- Fuzzer
- Port scanner
- Dynamic SSL certificates
- API
- Beanshell integration
Caracter Of ZAP:
- Easy to install (just requires java 1.6)
- Ease of use a priority
- Comprehensive help pages
- Fully internationalized
- Under active development
- Open source
- Free (no paid for ‘Pro’ version)
- Cross platform
- Involvement actively encouraged
No comments:
Post a Comment