Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/zaproxy/zaproxy

The ZAP by Checkmarx Core project
https://github.com/zaproxy/zaproxy

appsec dast hacktoberfest security security-scanner zap zap-development zaproxy

Last synced: 3 days ago
JSON representation

The ZAP by Checkmarx Core project

Host: GitHub
URL: https://github.com/zaproxy/zaproxy
Owner: zaproxy
License: apache-2.0
Created: 2015-06-03T16:55:01.000Z (over 9 years ago)
Default Branch: main
Last Pushed: 2024-10-28T17:23:15.000Z (about 1 month ago)
Last Synced: 2024-10-29T11:13:06.403Z (about 1 month ago)
Topics: appsec, dast, hacktoberfest, security, security-scanner, zap, zap-development, zaproxy
Language: Java
Homepage: https://www.zaproxy.org
Size: 189 MB
Stars: 12,667
Watchers: 396
Forks: 2,262
Open Issues: 819
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Security: SECURITY.md

Awesome Lists containing this project

awesome-devsecops - Zed Attack Proxy (ZAP) - _OWASP_ - An open-source web application vulnerability scanner, including an API for CI/CD integration. (Tools / Dynamic Analysis)
awesome-hacking - official OWASP ZAP
awesome-bugbounty-tools - OWASP ZAP - World’s most popular free web security tools and is actively maintained by a dedicated international team of volunteers (Miscellaneous / Vulnerability Scanners)
awesome-repositories - zaproxy/zaproxy - The ZAP by Checkmarx Core project (Java)
awesome-testing - OWASP ZAP - This intercepting proxy allows you to see all HTTP traffic and manipulate it in real time. Easy to scan, catalog and exploit security issues. (Software / Security)
sickTools - x
WebHackersWeapons - ZAP - audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)| (Weapons / Tools)
awesome-java-security - OWASP ZAP - Helps automatically find security vulnerabilities in your web applications. (Runtime Analysis)
awesome-termux-hacking - zaproxy - The OWASP ZAP core project.[![->](https://img.shields.io/github/stars/zaproxy/zaproxy.svg?style=social&label=Star&maxAge=2592000)](https://github.com/zaproxy/zaproxy/stargazers/) (Uncategorized / Uncategorized)
awesome-devsecops-russia - OWASP ZAP
awesome-php - Zap - An integrated penetration testing tool for web applications. (Table of Contents / Security)
MobileHackersWeapons - zaproxy
awesome - zaproxy/zaproxy - The ZAP by Checkmarx Core project (Java)
awesome-hacking-lists - zaproxy/zaproxy - The ZAP core project (Java)
awesome-hacking - official OWASP ZAP
StarryDivineSky - zaproxy/zaproxy
awesome-devsecops - Zed Attack Proxy (ZAP) - _OWASP_ - An open-source web application vulnerability scanner, including an API for CI/CD integration. (Tools / Dynamic Analysis)

README

        # [![](https://raw.githubusercontent.com/wiki/zaproxy/zaproxy/images/zap-by-checkmarx.png)](https://www.zaproxy.org)

[![License](https://img.shields.io/badge/license-Apache%202-4EB1BA.svg)](https://www.apache.org/licenses/LICENSE-2.0.html)

[![GitHub release](https://img.shields.io/github/release/zaproxy/zaproxy.svg)](https://www.zaproxy.org/download/)

[![Java CI](https://github.com/zaproxy/zaproxy/actions/workflows/ci.yml/badge.svg)](https://github.com/zaproxy/zaproxy/actions/workflows/ci.yml)

[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/24/badge)](https://bestpractices.coreinfrastructure.org/projects/24)

[![Github Releases](https://img.shields.io/github/downloads/zaproxy/zaproxy/latest/total.svg?maxAge=2592000)](https://zapbot.github.io/zap-mgmt-scripts/downloads.html)

[![javadoc](https://javadoc.io/badge2/org.zaproxy/zap/javadoc.svg)](https://javadoc.io/doc/org.zaproxy/zap)

[![CodeQL](https://github.com/zaproxy/zaproxy/actions/workflows/codeql.yml/badge.svg)](https://github.com/zaproxy/zaproxy/actions/workflows/codeql.yml)

[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=zaproxy_zaproxy&metric=alert_status)](https://sonarcloud.io/dashboard?id=zaproxy_zaproxy)

[![Open Source Helpers](https://www.codetriage.com/zaproxy/zaproxy/badges/users.svg)](https://www.codetriage.com/zaproxy/zaproxy)

[![Twitter Follow](https://img.shields.io/twitter/follow/zaproxy.svg?style=social&label=Follow&maxAge=2592000)](https://twitter.com/zaproxy)

![Integration Tests](https://github.com/zaproxy/zaproxy/actions/workflows/run-integration-tests.yml/badge.svg)

![Docker Live Release](https://github.com/zaproxy/zaproxy/actions/workflows/release-live-docker.yml/badge.svg)

The Zed Attack Proxy (ZAP) by Checkmarx is the world’s most widely used web app scanner. 

Free and open source. A community based GitHub Top 1000 project that anyone can contribute to.

It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. 

It's also a great tool for experienced pentesters to use for manual security testing.

[![](https://raw.githubusercontent.com/wiki/zaproxy/zaproxy/images/ZAP-Download.png)](https://www.zaproxy.org/download/)

For more details about ZAP see the website: [zaproxy.org](https://www.zaproxy.org/)

[![](https://raw.githubusercontent.com/wiki/zaproxy/zaproxy/images/zap-website.png)](https://www.zaproxy.org/)