HostedScan
hostedscan.com › owasp-vulnerability-scan
OWASP ZAP Online Scan
Online web application vulnerability scan powered by OWASP ZAP. Scan websites for security vulnerabilities.
Videos
11:00
Part 17 - Introduction to OWASP ZAP: Beginner’s Guide to Web ...
58:10
Getting Started with OWASP ZAP - YouTube
11:04
Web Application Security 101: Learn OWASP ZAP in Minutes! - YouTube
08:49
Learn OWASP ZAP In 8 Minutes - Automated Hacking Tool - YouTube
15:20
OWASP ZAP 05 Tutorial: Automated Scanning with OWASP ZAP | ...
20:20
Web Application Vulnerability Scanning with OWASP ZAP | TryHackMe ...
Factsheet
ZAP by Checkmarx
Stable release 2.17.0
/ 25 March 2025; 15 months ago (2025-03-25)
/ 25 March 2025; 15 months ago (2025-03-25)
Written in Java
ZAP by Checkmarx
Stable release 2.17.0
/ 25 March 2025; 15 months ago (2025-03-25)
/ 25 March 2025; 15 months ago (2025-03-25)
Written in Java
ZAP
zaproxy.org
The ZAP Homepage
ZAP provides range of options for security automation.
ZAP
zaproxy.org › getting-started
Getting Started - Zed Attack Proxy (ZAP)
The User Guide provides step-by-step instructions, references for the API and command-line programming, instructional videos, and tips and tricks for using ZAP. Additional links are also available via the ‘Learn More’ button on the Quick Start top screen: The screen links to both local resources (if available) and online content.
StackHawk
stackhawk.com › stackhawk, inc. › tooling guides › owasp zap (zed attack proxy): everything you need to know
OWASP ZAP (Zed Attack Proxy): Everything You Need to Know
March 4, 2026 - This spider can be configured to target specific parts of the application and can be used in conjunction with other ZAP features to enhance the overall security assessment. WebSocket Testing: OWASP ZAP provides robust WebSocket testing capabilities, allowing users to intercept, analyze, and tamper with WebSocket traffic between the client and server.
OWASP
owasp.org › www-chapter-dorset › assets › presentations › 2020-01 › 20200120-OWASPDorset-ZAP-DanielW.pdf pdf
Zed Attack Proxy (ZAP) Daniel W – OWASP Chapter Lead
OWASP Dorset on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.
ZAP
zaproxy.org › docs › scans
ZAP – ZAP Scans
Crawlground - a testbed for web crawlers with individual scored controls (maintained by the ZAP team) Google Security Crawl Maze - a comprehensive testbed for web security crawlers (maintained) OWASP Benchmark - a test suite designed to verify the speed and accuracy of software vulnerability ...
Wikipedia
en.wikipedia.org › wiki › OWASP_ZAP
OWASP ZAP
January 6, 2026 - ZAP was originally forked from Paros which was developed by Chinotec Technologies Company. Simon Bennetts, the project lead, stated in 2014 that only 20% of ZAP's source code was still from Paros. The first release was announced on Bugtraq in September 2010, and became an OWASP project a few ...
SourceForge
sourceforge.net › projects › zap.mirror
ZAP download | SourceForge.net
Download ZAP for free. The OWASP ZAP core project. The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web ...
Reddit
reddit.com › r/cybersecurity › websites for students to test owasp zap?
r/cybersecurity on Reddit: Websites for students to test OWASP ZAP?
October 17, 2024 -
Hi everyone! For a school project, I have to do a passive scan (to analyze HTTP requests and responses for known vulnerabilities) and spidering through OWASP ZAP. I know it is unethical to do this to websites that don’t allow people to do these tests on them, so with that in mind, are there any websites that it is fine to do these tests on? TYIA!
Top answer 1 of 2
2
Why not webgoat or juiceshop? Bro, take a moment to install docker desktop or whatever and run a container with one of the many intentionally vulnerable web apps. Host that shit locally, it's so easy. Not only can you spider those, you can exploit them too.
2 of 2
2
We have lots of examples of deliberately vulnerable apps here https://owasp.org/www-project-vulnerable-web-applications-directory/ 😀
Triad
triad.co.uk › home › news › how to setup owasp zap to scan your web application for security vulnerabilities
Using OWASP ZAP to find web app security vulnerabilities - Triad article
June 30, 2025 - As ZAP spiders the web application, it constructs a map of the web applications’ pages and the resources used to render those pages. Then it records the requests and responses sent to each page and creates alerts if there is something potentially wrong with a request or response. To begin with, you need to download and install OWASP ZAP scanner and set it up correctly.
OWASP
mas.owasp.org › MASTG › tools › network › MASTG-TOOL-0079
MASTG-TOOL-0079: ZAP (Zed Attack Proxy) - OWASP Mobile Application Security
ZAP (Zed Attack Proxy) is a free security tool which helps to automatically find security vulnerabilities in web applications and web services.
ZAP
zaproxy.org › docs › desktop › ui › tlmenu › online
ZAP – The Online menu
Online Menu · OpenAPI Support · OpenAPI Automation Framework Support · OpenAPI LLM Support · OWASP PTK · OWASP PTK Active Scan Rule · OWASP PTK Options · Parameter Digger · Parameter Digger - About · Param Digger dialog · Param Digger tab · Passive Scan Rules ·