Zed Attack Proxy (ZAP)是一个易于使用的、用于寻找Web应用程序漏洞的综合性渗透测试工具。ZAP是为拥有广泛安全经验的人员设计的，同时，也是渗透测试新手用于开发和功能测试的理想工具。ZAP提供了自动化的扫描工具，并且也提供一系列工具用于手动寻找安全漏洞。目前ZAP更新至1.3.1版,新版主要改变如下：
  Issue 97 : Working Directory for Applications
  Issue 98 : Not possible to cancel check for updates
  Issue 100 : Alerts tab has 2 ‘Resend…’ right click popups
  Issue 104 : Display warning dialog, when no root CA certificate exists
  Issue 110 : Choosing user’s language by default, when starting the first time
  Issue 112 : Provide a way to apply language packs on Mac OS
  Issue 121 : Session compare report javascript broken in Firefox 3
  Issue 123 : Cant select https site from Active scan window if theres an http equivalent
  Issue 127: CSRF token feature does not work in fuzz – added help explanation for partial fix
  Issue 140 : The Display options shouldnt include the advanced or windows manager options
  SSL Bug which prevented SSL connections from being established in any browser
工具下载:http://code.google.com/p/zaproxy/downloads/list