AlternativeTo Logo

    OWASP Zed Attack Proxy (ZAP) Alternatives

    OWASP Zed Attack Proxy (ZAP) is described as 'The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications' and is an app in the development category. There are more than 25 alternatives to OWASP Zed Attack Proxy (ZAP) for a variety of platforms, including Windows, Mac, Linux, Online / Web-based and SaaS. The best alternative is Fiddler, which is free. Other great apps like OWASP Zed Attack Proxy (ZAP) are mitmproxy, Burp Suite, Charles and HTTP Toolkit.

    OWASP Zed Attack Proxy (ZAP) is mainly a Web Debugger but alternatives to it may also be Vulnerability Scanners or HTTP(S) Debuggers. Filter by these if you want a narrower list of alternatives or looking for a specific functionality of OWASP Zed Attack Proxy (ZAP).
    This page was last updated May 26, 2022
    • FreeOpen Source
    • Mac
    • Windows
    • Linux
    More
    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web...
    Learn more about OWASP Zed Attack Proxy (ZAP)

    1. Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data.
    2. mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly.


    3. Burp Suite is an integrated platform for performing security testing of web applications.
      • Mac
      • Windows
      • Linux
      • iPhone
      • iPad
      More
      Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).
    4. HTTP Toolkit is a beautiful, cross-platform & open-source HTTP(S) debugging proxy, analyzer & client, with built-in support for modern tools from Docker to Android to GraphQL.


      • FreeOpen Source
      • Mac
      • Windows
      • Linux
      More
      Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.
      • FreeOpen Source
      • Windows
      • Linux
      More
      More
      w3af is a Web Application Attack and Audit...
    5. HTTP Debugger Pro - A Professional HTTP Sniffer and Analyzer for...
      • Windows
      • Online
      • Wordpress
      More
      More
      Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free Edition!
    Showing 10 of 27 alternatives