OWASP Zed Attack Proxy

Presented at AppSec USA 2013, Nov. 20, 2013, 3 p.m. (50 minutes)

Video of session: https://www.youtube.com/watch?v=pYFtLA2yTR8&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=1 The Zed Attack Proxy (ZAP)  is now one of the most popular OWASP projects. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. After giving a quick introduction for people new to ZAP, Simon will focus on the latest features, including those developed as part of the Google Summer of Code as well as Plug-n-Hack and the Zest scripting language. Simon will also demonstrate soon to be released features that have not been seen before and are believed to be not currently possible using equivalent tools.


  • Simon Bennetts - Security - Mozilla
    Simon Bennetts has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them. He is the OWASP Zed Attack Proxy Project Leader and works for Mozilla as part of the Cloud Security Team.


Similar Presentations: