OWASP ZAP Security Scan
OWASP ZAP (Zed Attack Proxy) is an open-source Dynamic Application Security Testing (DAST) tool. It acts as an automated penetration tester — it crawls the application, sends malformed and adversarial requests, and reports security vulnerabilities it finds at runtime.