Bug#897142: RFP: zaproxy -- Testing tool for finding vulnerabilities in web applications
Package: wnpp
Severity: wishlist
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
* Package name : zaproxy
Version : 2.7.0
Upstream Author : OWASP
* URL : https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
* License : Apache-2.0
Programming Lang: Java
Description : Testing tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy (ZAP) is an easy to use
integrated penetration testing tool for finding
vulnerabilities in web applications.
I believe that this package is well-suited for Debian
for several reasons.
It is one of OWASP's flagship projects, and it is
a great FLOSS application that is most comparable to
proprietary alternatives, such as Burp Suite.
Additionally, the Debianization work has already been
done by the Kali Linux project [1]. Though it is one
of the project's goals for packages to be contributed
back to Debian [2], there are many packages carried
exclusively by Kali that may appeal to Debian's
diverse user base.
I believe that OWASP ZAP is a good candidate for a
Kali package to be adopted within Debian considering
that there are no other web application pen-testing
tools with comparable functionality.
[1] http://git.kali.org/gitweb/?p=packages/zaproxy.git;a=summary
[2] https://docs.kali.org/policy/kali-linux-relationship-with-debian
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEJwCMxdBfG24Y2trvfWFEpid5MHIFAlrlGDgACgkQfWFEpid5
MHJvcgf8CygoGIOGuGLR6atlqalVCYE/yjSMFB0cy2iSYYLe4miQKIJZTA9qzSrs
O3ukDLxfvra2gYxgAjMPoY6ST3neHmm5ajQ++fKymtSr89J02PgBcP3H0eeIa20C
lk+dyTnJb248N5Vg+jqizhnMDRecnuRZQMrbL7Y7jLQ/TL+DTjQXWKT4Z9FPFbTC
oI/f7GYDu7xVgayuaBgVMnt+RLEoJMByEgriBeEVLU8FxtchP8jmXCXPNEv6wMwS
jSi7E7trWJirk8yjECW7QqXXcqtn5Uh9TeTykUfveun9fzGlTZINnJsW0eLX9HPc
g4c0a9bTirkpbo0VC1sh88Fz+YkKug==
=Q75n
-----END PGP SIGNATURE-----
Reply to: