OWASP ZAP

Web proxy made by OWASP, also a web application vulnerability scanner.

Installation

❗ Do NOT download Oracle JRE with Firefox for the Windows 64-bit version. It will download the 32-bit and OWASP ZAP installer will fail to locate the JRE!

• Download Oracle Java JRE
• Download OWASP ZAP

Using ZAP behind a corporate proxy

• Menu Tools -> Options -> Connection
• Select checkbox “Use an outgoing proxy server”
• Add the proxy address and port and click “Add”.
• Enter * as the domain to apply this on all domains.
• Select “Outgoing proxy server requires authentication” if needed, and check “Prompt for credentials on startup” or they will be stored in clear text.