From the course: Software Testing: Tools
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Vulnerability scanners
- [Instructor] Testers who want to understand more about an application's security and how to find security vulnerabilities should consider looking into vulnerability scanners. These tools can offer even inexperienced engineers a glimpse into the world the white hat hacker. The OWASP Zed Attack Proxy, or ZAP, is one of the world's most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you're developing and testing your apps. It's also a great tool for experienced pentesters to use for manual security testing. Being supported by such a huge team and distributed completely for free certainly makes OWASP ZAP one of the more attractive offerings in the pentesting community. Running cross-platform is a big benefit for pentesters, especially when an application can run on a Raspberry Pi, like a OWASP ZAP can. Acting as a man-in-the-middle proxy, OWASP ZAP…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.