OWASP ZAP, also known as Zed Attack Proxy enables software developers and testers to perform vulnerability testing on their web applications to find vulnerabilities and thwart hostile attacks. It is now one of the Open Web Application Security Project (OWASP) projects with the highest number of searches. A group of volunteers maintains it from around the world.
Hosted OWASP ZAP. Nothing to install. Start your first scan website vulnerability scan in minutes with these three easy steps
This DAST (Dynamic Application Security Testing) tool is designed to be used by web developers and web application vulnerabiity testers. Domain verification is required before launching a passive website security scan with this tool. The free vulnerability scanning plan allows up to two website to each be scanned once in a 24 hour period. No credit card is required for the free plan.