[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAORxfg4mZBdPO_8RCArzHRu3bvfRyuJYJ4eEJyFw8ksK9eGD9Q@mail.gmail.com>
Date: Wed, 30 Jan 2013 15:54:13 +0000
From: psiinon <psiinon@...il.com>
To: websecurity@...appsec.org, webappsec@...urityfocus.com,
bugtraq@...urityfocus.com, pen-test@...urityfocus.com,
security-basics@...urityfocus.com
Subject: OWASP Zed Attack Proxy 2.0.0
Hi folks,
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications.
It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to penetration testing as well as being a useful addition
to an experienced pen testers toolbox.
OWASP ZAP 2.0.0 is now available :
http://code.google.com/p/zaproxy/downloads/list
Quick summary of the main changes:
* An integrated add-ons marketplace
* A replacement for the 'standard' Spider
* A new 'Ajax' spider
* Web Socket support
* Session awareness
* Quick Start tab
* User defined Contexts
* Session scope
* Different modes
* A scripting console
* Authentication handling
* More API support
* Fine grained scanning controls
* New and improved active and passive scanning rules
For more details see the OWASP Blog post:
http://owasp.blogspot.com/2013/01/owasp-zed-attack-proxy-v-200.html
Many thanks to everyone who has contributed code, language files,
enhancement requests, bug reports and general feedback.
Simon
--
OWASP ZAP Project leader
Powered by blists - more mailing lists