ZAP Marketplace

ZAP Marketplace contains ZAP add-ons which have been written by the ZAP team and the community. The add-ons help to extend the functionalities of ZAP. If you are using the latest version of ZAP then you can browse and download add-ons from within ZAP by clicking on this button in the toolbar:

add-ons button

You can also import the add-ons that you have downloaded manually via the “File / Load Add-on File…” menu option in the ZAP desktop.

Name Version Status Author Last Updated
Access Control Testing Repository Download
Adds a set of tools for testing access control in web applications.
5 alpha ZAP Dev Team 2018-11-02
Active scanner rules Repository Download
The release quality Active Scanner rules
34 release ZAP Dev Team 2020-01-17
Active scanner rules (alpha) Repository Download
The alpha quality Active Scanner rules
27 alpha ZAP Dev Team 2019-12-16
Active scanner rules (beta) Repository Download
The beta quality Active Scanner rules
27 beta ZAP Dev Team 2019-12-16
Advanced SQLInjection Scanner Repository Download
An advanced active injection bundle for SQLi (derived by SQLMap)
13 beta Andrea Pompili (Yhawke) 2019-06-07
AdvFuzzer Repository Download
Advanced fuzzer for manual testing
12 beta ZAP Dev Team 2020-01-17
Ajax Spider Repository Download
Allows you to spider sites that make heavy use of JavaScript using Crawljax
23.1.0 release ZAP Dev Team 2020-01-17
Alert Filters Repository Download
Allows you to automate the changing of alert risk levels.
10 release ZAP Dev Team 2020-01-17
All In One Notes Repository Download
A simple extension to view all notes in one pane.
1 alpha David Vassallo 2019-06-18
AMF Repository Download
Adds support for AMF messages
2 alpha ZAP Dev Team 2017-11-28
Attack Surface Detector Repository Download
The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing.
1.1.4 alpha Secure Decisions (Matthew DeLetto) 2019-03-07
Authentication Statistics Repository Download
Records logged in/out statistics for all contexts in scope.
1 alpha ZAP Core Team 2017-11-28
BeanShell Console Repository Download
Provides a BeanShell Console
6 beta ZAP Dev Team 2017-11-27
Browser View Repository Download
Adds an option to render HTML responses like a browser
5 alpha ZAP Dev Team 2017-11-28
Bug Tracker Repository Download
Bug Tracker extension.
2 alpha ZAP Dev Team 2017-11-28
Call Graph Repository Download
Allows the user to view a call graph of the selected resources
4 alpha Colm O'Flaherty 2017-11-28
Code Dx Extension Repository Download
Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server
8 alpha Code Dx, Inc. 2019-08-23
Community Scripts Repository Download
Useful ZAP scripts written by the ZAP community.
9 alpha ZAP Community 2020-01-30
Custom Payloads Repository Download
Ability to add, edit or remove payloads that are used i.e. by active scanners
0.9.0 alpha ZAP Core Team 2019-10-31
CustomReport Repository Download
New HTML report module allows users to customize report content.
5 alpha Chienli Ma 2019-08-30
Diff Repository Download
Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch
10 beta ZAP Dev Team 2020-01-17
Directory List v1.0 Repository Download
List of directory names to be used with "Forced Browse" add-on.
4 release ZAP Dev Team 2020-01-17
Directory List v2.3 Repository Download
Lists of directory names to be used with "Forced Browse" add-on.
3 release ZAP Dev Team 2017-11-27
Directory List v2.3 LC Repository Download
Lists of lower case directory names to be used with "Forced Browse" add-on.
3 release ZAP Dev Team 2017-11-27
DOM XSS Active scanner rule Repository Download
DOM XSS Active scanner rule
9 alpha ZAP Dev Team 2019-06-12
Export Report Repository Download
Report Export module that allows users to customize content and export in a desired format.
6 alpha Goran Sarenkapa - JordanGS 2019-06-24
Forced Browse Repository Download
Forced browsing of files and directories using code from the OWASP DirBuster tool
9 beta ZAP Dev Team 2020-01-17
Form Handler Repository Download
This Form Handler Add-on allows a user to define field names and values to be used in a form's fields. Fields can be added, modified, enabled, and deleted for use in form fields.
2 alpha ZAP Dev Team 2018-10-26
FuzzDB files Repository Download
FuzzDB files which can be used with the ZAP fuzzer
5 release ZAP Dev Team 2019-06-27
FuzzDB Web Backdoors Repository Download
FuzzDB web backdoors which can be used with the ZAP fuzzer
2 release ZAP Dev Team 2020-01-30
Getting Started with ZAP Guide Repository Download
A short Getting Started with ZAP Guide
11 release ZAP Dev Team 2020-01-17
Groovy Scripting Repository Download
Allows Groovy to be used for ZAP scripting - templates included
2 alpha ZAP Dev Team 2018-04-19
Help - Bosnian Download
Bosnian version of the ZAP help file.
9 alpha ZAP Crowdin Team 2018-02-08
Help - English Repository Download
English version of the ZAP help file.
10 release ZAP Crowdin Team 2020-01-17
Help - French Download
French version of the ZAP help file.
9 alpha ZAP Crowdin Team 2018-02-08
Help - Japanese Download
Japanese version of the ZAP help file.
9 beta ZAP Crowdin Team 2018-02-08
Help - Portuguese, Brazilian Download
Portuguese, Brazilian version of the ZAP help file.
10 release ZAP Crowdin Team 2018-02-08
Help - Spanish Download
Spanish version of the ZAP help file.
9 release ZAP Crowdin Team 2018-02-08
Help - Turkish Download
Turkish version of the ZAP help file.
1 release ZAP Crowdin Team 2018-02-08
Help Chinese Simplified Download
Chinese Simplified version of the ZAP help file.
2 beta ZAP Crowdin Team 2018-02-08
Help Filipino Download
Filipino version of the ZAP help file.
2 alpha ZAP Crowdin Team 2018-02-08
Help Indonesian Download
Indonesian version of the ZAP help file.
2 beta ZAP Crowdin Team 2018-02-08
Highlighter Repository Download
Allows you to highlight strings in the request and response tabs.
7 alpha ZAP Dev Team 2018-05-30
HttpsInfo Repository Download
Displays HTTPS configuration information.
12 alpha ZAP Dev Team 2019-04-26
HUD - Heads Up Display Repository Download
Display information from ZAP in browser.
0.10.0 beta ZAP Dev Team 2020-02-04
Image Location and Privacy Scanner Repository Download
Image Location and Privacy Passive Scanner
1 beta Veggiespam and the ZAP Dev Team 2018-02-27
Import files containing URLs Repository Download
Adds an option to import a file of URLs. The file must be plain text with one URL per line.
7 beta ZAP Dev Team 2020-01-17
Invoke Applications Repository Download
Invoke external applications passing context related information such as URLs and parameters
10 beta ZAP Dev Team 2020-01-17
Json view Repository Download
Adds a view that shows JSON messages nicely formatted
1 alpha Juha Kivekäs 2018-02-08
Linux WebDrivers Repository Download
Linux WebDrivers for Firefox and Chrome.
16 release ZAP Dev Team 2020-01-17
Log File Importer Repository Download
Allows you to import log files from ModSecurity and files previously exported from ZAP
4 alpha ZAP Dev Team 2017-11-28
MacOS WebDrivers Repository Download
MacOS WebDrivers for Firefox and Chrome.
15 release ZAP Dev Team 2020-01-17
Neonmarker Repository Download
Colors history table items based on tags
1.1.0 alpha Juha Kivekäs, Kingthorin 2020-01-02
Online menus Repository Download
ZAP Online menu items
7 release ZAP Dev Team 2020-01-17
OpenAPI Support Repository Download
Imports and spiders OpenAPI definitions.
15 beta ZAP Core Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak and Marcin Spiewak 2020-01-17
Passive scanner rules Repository Download
The release quality Passive Scanner rules
26 release ZAP Dev Team 2020-01-17
Passive scanner rules (alpha) Repository Download
The alpha quality Passive Scanner rules
26 alpha ZAP Dev Team 2019-12-16
Passive scanner rules (beta) Repository Download
The beta quality Passive Scanner rules
21 beta ZAP Dev Team 2019-12-16
Plug-n-Hack Configuration Repository Download
Supports the Mozilla Plug-n-Hack standard.
11 beta ZAP Dev Team 2017-11-27
Port Scanner Repository Download
Allows to port scan a target server
8 beta ZAP Dev Team 2017-11-27
Python Scripting Repository Download
Allows Python to be used for ZAP scripting - templates included
10 beta ZAP Dev Team 2018-05-08
Quick Start Repository Download
Provides a tab which allows you to quickly test a target application
28 release ZAP Dev Team 2020-02-04
Regular Expression Tester Repository Download
Allows to test Regular Expressions
1 alpha ZAP Dev Team 2019-06-20
Replacer Repository Download
Easy way to replace strings in requests and responses.
8 beta ZAP Dev Team 2020-01-17
Report alert generator Repository Download
Allows you to generate reports for alerts you specify in pdf or odt format
14 beta Talsoft SRL 2017-11-27
Requester Repository Download
Request numbered panel.
3 alpha Surikato 2018-10-15
Reveal Repository Download
Show hidden fields and enable disabled fields
3 release ZAP Dev Team 2020-01-17
Revisit Repository Download
Revisit a site at any time in the past using the session history
3 alpha ZAP Dev Team 2017-11-28
Ruby scripting Repository Download
Allows Ruby to be used for ZAP scripting - templates included
6 beta ZAP Dev Team 2017-11-27
SAML Extension Repository Download
Detect, Show, Edit, Fuzz SAML requests
8 alpha ZAP Dev Team 2019-08-30
Save Raw Message Repository Download
Allows to save content of HTTP messages as binary
5 release ZAP Dev Team 2020-01-17
Save XML Message Repository Download
Allows to save content of HTTP messages as XML
0.1.0 alpha thatsn0tmysite 2020-01-17
Script Console Repository Download
Supports all JSR 223 scripting languages
26 beta ZAP Dev Team 2020-01-17
Selenium Repository Download
WebDriver provider and includes HtmlUnit browser
15.1.0 release ZAP Dev Team 2020-01-17
Sequence Repository Download
Gives the possibility of defining a sequence of requests to be scanned.
5 alpha ZAP Dev Team 2017-11-28
Server-Sent Events Repository Download
Allows you to view Server-Sent Events (SSE) communication.
9 alpha ZAP Dev Team 2017-11-28
SVN Digger files Repository Download
SVN Digger files which can be used with ZAP forced browsing
3 beta ZAP Dev Team 2017-11-27
Tips and Tricks Repository Download
Display ZAP Tips and Tricks
7 beta ZAP Dev Team 2020-01-17
TLS Debug Repository Download
Provides a tab which allows to quickly debug a TLS/SSL connection
3 alpha P.M.J. Roth 2018-10-15
Token Generation and Analysis Repository Download
Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection
13 beta ZAP Dev Team 2019-07-15
TreeTools Repository Download
Tools to add functionality to the tree view.
7 beta Carl Sampson 2017-11-27
ViewState Repository Download
ASP/JSF ViewState Decoder and Editor
1 alpha Calum Hutton 2017-11-28
VulnCheck Extension Repository Download
list vulnerabilities from known databases
1 alpha ZAP Dev Team 2017-11-28
WAFP Extension Repository Download
Fingerprint web applications
2 alpha ZAP Dev Team 2017-11-28
Wappalyzer - Technology Detection Repository Download
Technology detection using Wappalyzer
16 alpha ZAP Dev Team 2020-01-27
WebSockets Repository Download
Allows you to inspect WebSocket communication.
21 release ZAP Dev Team 2020-01-17
Windows WebDrivers Repository Download
Windows WebDrivers for Firefox and Chrome.
16 release ZAP Dev Team 2020-01-17
Zest - Graphical Security Scripting Language Repository Download
A graphical security scripting language, ZAPs macro language on steroids
32 beta ZAP Dev Team 2020-01-24