Most Helpful Review
I would like to see a version of “repeater” within OWASP ZAP, a tool capable of sending from one to 1000 of the same requests, but with preselected modified fields, changing from a predetermined word list, or manually created.
Pricing and Cost Advice
As Zap is free and open-source, with tons of features similar to those of commercial solutions, I would definitely recommend trying it out.
It's free and open, currently under the Apache 2 license. If ZAP does what you need it to do, selling a free solution is a very easy.
Answers from the Community
Compared 69% of the time.
Compared 9% of the time.
See more OWASP Zap competitors »
Compared 7% of the time.
Compared 62% of the time.
Compared 15% of the time.
See more PortSwigger Burp competitors »
Compared 6% of the time.
Also Known As
|Also Known As||Burp|
Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible.
|Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.|
Learn more about OWASP Zap
Learn more about PortSwigger Burp
Information Not Available
|Maven Security Consulting, OWASP Italy, Penetration Testing Firm|