[Owasp-leaders] OWASP ZAP 1.4 and beyond

psiinon psiinon at gmail.com
Sun Jan 1 10:07:55 UTC 2012


Hi Christian,

I guess the main difference is that ZAP is an OWASP project :)
Oh, and its free and open source.
And you can contribute enhancements to the core product easily.
And I dont think there is an online repository of Burp extensions, but
please correct me if I'm wrong.

But you're right in that its not a radically new idea, lots of projects
(open and closed source) have gone down this route.

And yes, I was aware of the website redesign, but I wasnt sure if it was
going to extend to include an app store / market place.
Which was one of the reasons for posting to the Leaders list ;)

Cheers,

Simon

On Sat, Dec 31, 2011 at 8:32 PM, Christian Heinrich <
christian.heinrich at owasp.org> wrote:

> Simon,
>
> On Sat, Dec 31, 2011 at 10:31 PM, psiinon <psiinon at gmail.com> wrote:
> > First, to let you know about the new extensibility of ZAP - if you are
> > interested in developing a ZAP extension then please get in touch.
>
> Can you highlight the difference(s) with your approach compared to
> http://portswigger.net/burp/extender/ ?
>
> > Secondly to let you know about my plans for the online marketplace / app
> > store / whatever its going to be called.
> > I'm happy to do this on my own (well, probably with significant help from
> > other ZAP devs!), but it could also be useful to other OWASP projects.
> > Should this be (or potentially become) a generic OWASP infrastructure?
> > Are any of you interested in helping with it, or would any companies be
> > prepared to sponsor it?
>
> Are you aware of https://www.owasp.org/index.php/RFO_Web_Design ?
>
>
> --
> Regards,
> Christian Heinrich
> http://www.owasp.org/index.php/user:cmlh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120101/feaac532/attachment.html>


More information about the OWASP-Leaders mailing list