[WEB SECURITY] OWASP Zed Attack Proxy 2.0.0

psiinon psiinon at gmail.com
Wed Jan 30 10:54:13 EST 2013

Hi folks,

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web

It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to penetration testing as well as being a useful addition
to an experienced pen testers toolbox.

OWASP ZAP 2.0.0 is now available :

Quick summary of the main changes:
 * An integrated add-ons marketplace
 * A replacement for the 'standard' Spider
 * A new 'Ajax' spider
 * Web Socket support
 * Session awareness
 * Quick Start tab
 * User defined Contexts
 * Session scope
 * Different modes
 * A scripting console
 * Authentication handling
 * More API support
 * Fine grained scanning controls
 * New and improved active and passive scanning rules

For more details see the OWASP Blog post:

Many thanks to everyone who has contributed code, language files,
enhancement requests, bug reports and general feedback.


OWASP ZAP Project leader

More information about the websecurity mailing list