The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

LicenseApache 2.0
Organization OWASP
HomePage https://www.owasp.org/index.php/ZAP
DateApr 03, 2017
Filespom (8 KB)  jar (4.8 MB)  View All
RepositoriesCentralSonatypePublicSonatypeSpring Lib MSpring Plugins
Ranking#81687 in MvnRepository (See Top Artifacts)
Used By4 artifacts
VulnerabilitiesDirect vulnerabilities:
CVE-2022-27820

Vulnerabilities from dependencies:
CVE-2022-41853
CVE-2022-41852
CVE-2022-40161
View 16 more ...

Note: There is a new version for this artifact

New Version2.12.0


Compile Dependencies (27)

Category/License Group / ArtifactVersionUpdates

BSD 3-clause
com.fifesoft » rsyntaxtextarea 2.5.83.3.0
Semantic Versioning
MIT
com.github.zafarkhaja » java-semver 0.8.00.9.0
Diff/Patch
Apache 2.0
com.googlecode.java-diff-utils » diffutils 1.2.11.3.0
Reflection
Apache 2.0
commons-beanutils » commons-beanutils2 vulnerabilities 1.8.31.9.4
Collections
Apache 2.0
commons-collections » commons-collections 3.2.24.4
Config
Apache 2.0
commons-configuration » commons-configuration 1.92.8.0
HTTP Clients
Apache 2.0
commons-httpclient » commons-httpclient 3.14.5.14
I/O
Apache 2.0
commons-io » commons-io1 vulnerability 2.42.11.0
Core Utils
Apache 2.0
commons-lang » commons-lang 2.63.12.0

LGPL 2.1
edu.stanford.ejalbert » BrowserLauncher2 1.3

Apache 2.0
edu.umass.cs.benchlab » harlib 1.1.21.1.3
Java Spec
javax.help » javahelp 2.0.05
Logging
Apache 2.0
log4j » log4j5 vulnerabilities 1.2.172.19.0
HTML Parser
ApacheEPL 1.0LGPL
net.htmlparser.jericho » jericho-html 3.13.4
JSON Lib
Apache 2.0
net.sf.json-lib » json-lib 2.4
CSV
Apache 2.0
org.apache.commons » commons-csv 1.11.9.0
HTTP Clients
Apache 2.0
org.apache.httpcomponents » httpclient1 vulnerability 4.55.2.1

BouncyCastle
org.bouncycastle » bcmail-jdk15on 1.521.70
Encryption Lib
BouncyCastle
org.bouncycastle » bcprov-jdk15on1 vulnerability 1.521.70
Encryption Lib
BouncyCastle
org.bouncycastle » bcpkix-jdk15on 1.521.70
Embedded SQL DB
org.hsqldb » hsqldb1 vulnerability 2.3.42.7.1
XML Processing
org.jdom » jdom1 vulnerability 1.1.32.0.6.1
Chart Library
LGPL
org.jfree » jfreechart 1.0.191.5.3

EPL 2.0LGPL 2.1
org.jgrapht » jgrapht-core 0.9.01.5.1

Apache 2.0
org.jitsi » ice4j 1.03.0-59-g71e244d

LGPL
org.swinglabs.swingx » swingx-all 1.6.41.6.5-1
JDBC Driver
Apache 2.0
org.xerial » sqlite-jdbc 3.8.11.13.40.0.0

Runtime Dependencies (4)

Category/License Group / ArtifactVersionUpdates
Base64
Apache 2.0
commons-codec » commons-codec 1.91.15
Expression Lang
Apache 2.0
commons-jxpath » commons-jxpath6 vulnerabilities 1.3
Logging
Apache 2.0
commons-logging » commons-logging 1.2

LGPL 2.1
xom » xom 1.2.51.2.10

Test Dependencies (4)

Licenses

LicenseURL
The Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt

Developers

NameEmailDev IdRolesOrganization
Everyone who has contributed to ZAPzaproxy-develop<at>googlegroups.comAllZapDevs

Mailing Lists

NameDetails
OWASP ZAP User Group Subscribe
Unsubscribe
OWASP ZAP Developer Group Subscribe
Unsubscribe