Pricing type: Free
A framework for continuous, proactive and fully automated dynamic scanning against web apps/API.
See the website


Its core engine is OWASP ZAP Proxy (https://owasp.org/www-project-zap/). Taking advantage of the ZAP container, this project provides value as follows: - Easy automation(via fully working in CLI with yaml configuration) of API scanning based on OAS definition - Create users' own custom rules via yaml files - XML, HTML, JSON report generation

Related tools (Security Testing)

An on-path blackbox network traffic security testing tool


Automate web applications security assessments


It is a penetration testing tool that focuses on the web browser.

Web Application Security Scanner Framework