OWASP ZAP, a tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers.
It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications.
Its also a great tool for experienced pentesters to use for manual security testing.
The packages for RHEL 8 and RHEL 7 are in each distribution’s respective Extra Packages for Enterprise Linux (EPEL) repository. The instructions for adding this repository diverge slightly between RHEL 8 and RHEL 7, which is why they’re listed separately below.
The EPEL repository can be added to RHEL 8 with the following command: