Zed Attack Proxy (ZAP) is described as 'The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications' and is a penetration testing tool in the network & admin category. There are more than 25 alternatives to Zed Attack Proxy (ZAP) for a variety of platforms, including Windows, Linux, Mac, Web-based and iPhone apps. The best Zed Attack Proxy (ZAP) alternative is mitmproxy, which is both free and Open Source. Other great apps like Zed Attack Proxy (ZAP) are Fiddler, HTTP Toolkit, Burp Suite and Charles.
mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly. It also features mitmdump, a commandline tool that provides a tcpdump-like interface for saving, viewing and...
Web Debugging Proxy that logs all HTTP(S) traffic for comprehensive analysis. It allows manipulation of traffic, supports scripting, and extends with .NET. Debugs virtually any application, implementing man-in-the-middle interception with self-signed certificates. Freeware, ideal for developers.
HTTP Toolkit is a beautiful, cross-platform & open-source HTTP(S) debugging proxy, analyzer & client, with built-in support for modern tools and automatic interception for clients from Docker to Android to iOS.
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting...
Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).
Proxyman is a high-performance macOS app, which enables developers to view HTTP/HTTPS requests from apps and domains. Available on macOS, iOS, Windows & Linux.
Caido is a cutting-edge web application security tool that enables users to efficiently identify and assess potential vulnerabilities in their web applications. It can be easily integrated into both personal and enterprise environments, making it adaptable to a wide range of...
Lonkero is a high-performance web vulnerability scanner built in Rust for penetration testers and bug bounty hunters who are tired of slow, bloated tools that generate hundreds of false positives.
HTTP Debugger Pro - A Professional HTTP Sniffer and Analyzer for Developers.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.
United States
Spain
EU
New Zealand
Finland
