The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pentester’s toolbox.

The current version of ZAP is is 1.3.0

Homepage | Download

ZAP is a fork of version 3.2.13 of the open source variant of Paros developed by Chinotec Technologies Company.