Zed Attack Proxy

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

Add-on repo
http://github.com/dradis/dradis-zap
Vendor website
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project