The OWASP Foundationhttp://www.owasp.orgCopyright The OWASP
FoundationPermission is granted to copy, distriute and/or modi!y
this document under the terms o! the OWASP "icense.OWASP
AppSec#urope $%&&An 'ntroduction to (APThe OWASP Zed Attack
ProxySimon )ennettsSage UK LtdOWASP ZAP Project
Leadpsiinon*gmai+.com$The 'ntroduction, The statement, -ou cannot
ui+d secure we app+ications un+ess you.now how to attac. them, The
pro+em, For many de/e+opers 0penetration testing1 is a +ac. art,
The so+ution, Teach asic pentesting techni2ues to de/e+opersThan.s
to 3oyston 3oertson www.roystonroertson.co.u. !or permission to use
his cartoon45The Ca/eatThis is in addition to:, Teaching secure
coding techni2ues, Teaching aout common /u+nerai+ities6e.g. OWASP
top &%7, Secure 8e/e+opment So!tware "i!ecyc+e, Static source
code ana+ysis, Code re/iews, Pro!essiona+ pentesting, 9:The (ed
Attac. Pro;y, 3e+eased Septemer $%&%, #ase o! use a priority,
Comprehensi/e he+p pages, Free, Open source, Cross p+at!orm, A !or.
o! the we++ regarded Paros Pro;y, 'n/o+/ement acti/e+y encouraged,
Adopted y OWASP Octoer $%&%ersion &.$.% down+oaded ? @5%%
times, >ersion &.5.% Aust re+eased, < main coders,
&< contriutors, Fu++y internationa+iBed, Trans+ated into =
+anguages:)raBi+ian Portuguese, Chinese, French, Cerman, Cree.,
'ndonesian, Dapanese, Po+ish, Spanish, Eost+y used y Pro!essiona+
PentestersF, Paros code: G