Zed Attack Proxy

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding…

21 Alternatives To Zed Attack Proxy

Acunetix

Audit your website security and web applications for SQL injection, Cross site scripting and other…
images/2020/04/Burp-Suite.png}}

Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications.

Charles

HTTP proxy / HTTP monitor / Reverse Proxy

Fiddler

Fiddler is a debugging program for websites.
images/2020/04/HTTP-Debugger.png}}

HTTP Debugger

Debug HTTP API calls to a back-end and between back-ends. Easy of use, clean UI, and short ramp-up time. Not a proxy, no network issues!

HTTP Toolkit

Beautiful, cross-platform & open-source tools to debug, test & build with HTTP(S). One-click setup for browsers, servers, CLI tools, scripts and more.

HTTPCS Security

Cyber security solution for protecting websites and web apps

IronWASP

Learn, download and use the most flexible and powerful web application security testing framework.

Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web…

Postman Collections

Biggest library of ready-made API collections for Postman

Proxyman

An modern and intuitive HTTP debugging proxy on macOS & iOS https://proxyman.io

PunkSPIDER

PunkSPIDER is a global-reaching web application vulnerability search engine.

SecApps

Find security vulnerabilities right from your browser.
images/2020/04/Shodan.png}}

Shodan

Shodan is the world’s first search engine for Internet-connected devices.

Tamper Data

Firefox add-on that lets you change headers and request parameters before they’re sent to the…
images/2020/04/Websecurify.png}}

Websecurify

Websecurify free and premium security tools automatically scan websites for vulnerabilities like SQL Injection, Cross-site Scripting and others
images/2020/03/wireshark.png}}

Wireshark

Wireshark is a network protocol analyzer for Unix and Windows. It lets you capture and interactively browse the traffic running on a computer network.

ZoomEye

Network mapping service

mitmproxy

mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP.

skipfish

A fully automated, active web application security reconnaissance tool.

w3af

w3af is a Web Application Attack and Audit Framework