Web Security

OWASP ZAP

Free web application security testing proxy and scanner from the OWASP ecosystem.

webhttpproxyscannerowaspappsec

Best For

Good for learning web request inspection, passive findings, and defensive web testing basics.

Responsible Use

Use this tool only in owned environments, classroom labs, CTFs, or engagements where you have explicit written permission. Keep notes focused on findings, risk, and remediation.

Official Resource

https://www.zaproxy.org/