Hi folks, The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox. OWASP ZAP 2.0.0 is now available : http://code.google.com/p/zaproxy/downloads/list Quick summary of the main changes: * An integrated add-ons marketplace * A replacement for the 'standard' Spider * A new 'Ajax' spider * Web Socket support * Session awareness * Quick Start tab * User defined Contexts * Session scope * Different modes * A scripting console * Authentication handling * More API support * Fine grained scanning controls * New and improved active and passive scanning rules For more details see the OWASP Blog post: http://owasp.blogspot.com/2013/01/owasp-zed-attack-proxy-v-200.html Many thanks to everyone who has contributed code, language files, enhancement requests, bug reports and general feedback. Simon -- OWASP ZAP Project leader
