Simon Bennetts

United Kingdom

Summary

🤩
Rockstar
Simon Bennetts is a software engineer and security tooling leader with 15 years' experience, best known as the long-time lead of the Zed Attack Proxy (ZAP) project—now part of the Software Security Project and recently integrated under Checkmarx. Based in Stockport, he blends project leadership with hands-on development across backend active-scan APIs and full‑stack UI work, contributing notable improvements like the ZAP HUD and browser CSP/header fixes. His career spans security automation at Mozilla and building teaching tools such as the BodgeIt vulnerable web app, reflecting a practical mix of hardening, developer tooling and community education. Pragmatic and direct, he values meaningful collaboration and has little patience for salesy outreach, preferring work that produces extensible, production-ready security features.
15 years of coding experience

Stackoverflow

Stats
5,786 reputation
418k reached
333 answers
5 questions
Badges
security
top-5%

Github Skills (61)

web-applications 10
api-doc 10
webapplications 10
userscripts 10
javascript 10
web-application 10
scripting 10
jsp 10
java 10
security 10
javas 10
script 10
jspx 10
api 10
webapplication 10

Programming languages (27)

C#, Handlebars, Go, HTML, Jupyter Notebook, FreeMarker, PostScript, TypeScript

Github contributions (5)

zaproxy/zaproxy

Aug 2010 - Jan 2023

The ZAP by Checkmarx Core project
Role in this project:
Backend Developer
Contributions: 188 releases, 782 reviews, 3671 commits in 12 years 7 months
Contributions summary: Simon's commits primarily revolve around re-licensing code and modifying the active scan functionality within the ZAP project. These changes include the re-licensing of files, the addition of various options for controlling active scanning behavior, such as selecting a scan rule, and modifying the display of active scan results. The contributions involve modifying and extending functionality within the active scan API as well as adding UI components.
Tags: owasp-zap, zap-development, security, dast, owasp
psiinon/bodgeit

Feb 2011 - Jan 2018

The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
Role in this project:
Full-stack Developer
Contributions: 1 release, 28 commits, 2 PRs in 6 years 11 months
Contributions summary: Simon primarily contributed to the initial development and enhancement of the BodgeIt Store, a vulnerable web application. His work involved setting up the core functionality, including database schema creation and data population using JavaServer Pages (JSP). He added scoring features, updated UI elements such as the basket, login and contact pages, integrated a search function, and implemented security measures such as an anti-CSRF token.
Tags: vulnerable, security, testing, web-application, pen-testing