Zed Attack Proxy – ZAProxy v1.3.0 Released – Integrated Penetration Testing Tool

ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

Main Features

  • Intercepting Proxy
  • Automated scanner
  • Passive scanner
  • Brute Force scanner
  • Spider
  • Fuzzer
  • Port scanner
  • Dynamic SSL certificates
  • API
  • Beanshell integration

What’s New?

A new version has been released, v1.3.0, the release adds the following main features:

  • Fuzzing, using the JBroFuzz library
  • Dynamic SSL Certificates
  • Daemon mode and API
  • BeanShell integration
  • Full internationalization
  • Out of the box support for 10 languages

You can download ZAP v1.3.0 here:

Windows Installer – ZAP_1.3.0_Windows.exe
Linux Installer – ZAP_1.3.0_Linux.tar.gz
Mac OSX Installer – ZAP_1.3.0_Mac_OS_X.zip

Or read more here.


Labels: , , , , , , , , , ,

Burp Suite Free Edition v1.4 – Web Application Security Testing Tool

For the two people here who don’t know what this tool does, Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.

And now, we’re happy to announce there’s a new version out and it’s available for download now!

New Features

  • The ability to compare site maps
  • Functions to help with testing access controls using your browser
  • Support for preset request macros
  • Session handling rules to help you work with difficult situations
  • In-browser rendering of responses from all Burp tools
  • Auto recognition and rendering of character sets
  • Support for upstream SOCKS proxies
  • Headless mode for unattended scripted usage
  • Support for more types of redirection
  • Support for NTLMv2 and IPv6
  • Numerous enhancements to Burp’s extensibility
  • Greater stability on OSX

You can download Burp Suite Free Edition v1.4 here:

burpsuite_v1.4.zip

Or read more here.

Labels: , , , , , , , ,
Subscribe to: Posts (Atom)