Advanced access control testing and user access comparison
by Cosmin Stefan for OWASP Foundation
OWASP ZAP already has the capability to allow users to configure authentication methods, session management methods and Users for a web-application in order to automate the authentication/re-authentication process during scans. This project aims to enhance ZAP’s capabilities by adding a set of access control testing features and tools.