II.
Tool overview
Reference · livetool:owasp-zap
OWASP ZAP overview
Open-source dynamic application security testing (DAST) tool maintained by OWASP for finding vulnerabilities in web applications. Provides automated scanning, active and passive attack modes, and a REST API for CI/CD pipeline integration.
Attributes
displayName
OWASP ZAP
homepageUrl
kind
security
description
Open-source dynamic application security testing (DAST) tool maintained by OWASP for finding
vulnerabilities in web applications. Provides automated scanning, active and passive attack modes,
and a REST API for CI/CD pipeline integration.
Outgoing edges
alternative_to2
- tool:snyk·ToolSnyk
- tool:sonarqube·ToolSonarQube
belongs_to_language1
- language:java·LanguageJava
tool_used_by2
- skill-area:dast-scanning·SkillAreaDAST Scanning
- skill-area:web-security-testing·SkillAreaWeb Security Testing
Incoming edges
alternative_to2
- tool:snyk·ToolSnyk
- tool:sonarqube·ToolSonarQube
integrates_with1
- tool-server:mcp-owasp-zap·ToolServerOWASP ZAP MCP Server
uses_tool2
- specialization:security-compliance·Specialization
- specialization:security-research·Specialization