ZAP Marketplace

ZAP Marketplace contains ZAP add-ons which have been written by the ZAP team and the community. The add-ons help to extend the functionalities of ZAP. If you are using the latest version of ZAP then you can browse and download add-ons from within ZAP by clicking on this button in the toolbar:

add-ons button

You can also import the add-ons that you have downloaded manually via the “File / Load Add-on File…” menu option in the ZAP desktop.

Name ID Version Status Author Last Updated
Access Control Testing Repository Download
Adds a set of tools for testing access control in web applications.
accessControl 8 alpha ZAP Dev Team 2022-10-28
Active scanner rules Repository Download
The release status Active Scanner rules
ascanrules 49 release ZAP Dev Team 2022-10-27
Active scanner rules (alpha) Repository Download
The alpha status Active Scanner rules
ascanrulesAlpha 41 alpha ZAP Dev Team 2022-10-27
Active scanner rules (beta) Repository Download
The beta status Active Scanner rules
ascanrulesBeta 43 beta ZAP Dev Team 2022-10-27
Advanced SQLInjection Scanner Repository Download
An advanced active injection bundle for SQLi (derived by SQLMap)
sqliplugin 15 beta Andrea Pompili (Yhawke) 2021-10-20
Ajax Spider Repository Download
Allows you to spider sites that make heavy use of JavaScript using Crawljax
spiderAjax 23.10.0 release ZAP Dev Team 2022-10-27
Alert Filters Repository Download
Allows you to automate the changing of alert risk levels.
alertFilters 14 release ZAP Dev Team 2022-10-27
All In One Notes Repository Download
A simple extension to view all notes in one pane.
allinonenotes 2 alpha David Vassallo 2021-10-07
AMF Support Repository Download
Adds support for AMF messages
amf 3 alpha ZAP Dev Team 2021-10-07
Attack Surface Detector Repository Download
The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing.
attacksurfacedetector 1.1.4 alpha Secure Decisions (Matthew DeLetto) 2019-03-07
Authentication Statistics Repository Download
Records logged in/out statistics for all contexts in scope.
authstats 2 alpha ZAP Dev Team 2021-10-07
Automation Framework Repository Download
Automation Framework.
automation 0.19.0 beta ZAP Dev Team 2022-10-27
BeanShell Console Repository Download
Provides a BeanShell Console
beanshell 7 beta ZAP Dev Team 2021-10-07
Browser View Repository Download
Adds an option to render HTML responses like a browser
browserView 5 alpha ZAP Dev Team 2017-11-28
Bug Tracker Repository Download
Bug Tracker extension.
bugtracker 4 alpha ZAP Dev Team 2022-09-23
Call Graph Repository Download
Allows the user to view a call graph of the selected resources
callgraph 5 alpha Colm O'Flaherty 2021-10-07
Call Home Repository Download
Handles all of the calls to ZAP services.
callhome 0.6.0 release ZAP Dev Team 2022-12-02
Code Dx Extension Repository Download
Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server
codedx 9 alpha Code Dx, Inc. 2021-10-07
Collection: Pentester Pack Repository Download
A collection of add-ons ideal for pentesters
packpentester 0.1.0 alpha ZAP Dev Team 2022-05-12
Collection: Scan Rules Pack Repository Download
All of the add-ons just containing release, beta and alpha status scan rules
packscanrules 0.0.1 alpha ZAP Dev Team 2022-05-13
Common Library Repository Download
A common library, for use by other add-ons.
commonlib 1.11.0 release ZAP Dev Team 2022-10-27
Community Scripts Repository Download
Useful ZAP scripts written by the ZAP community.
communityScripts 15 alpha ZAP Community 2022-10-02
Core Language Files Repository Download
Translations of the core language files
coreLang 15 release ZAP Dev Team 2022-02-14
Custom Payloads Repository Download
Ability to add, edit or remove payloads that are used i.e. by active scanners
custompayloads 0.12.0 alpha ZAP Dev Team 2022-09-23
Database Repository Download
Provides database engines and related infrastructure.
database 0.1.0 alpha ZAP Dev Team 2022-10-27
Diff Repository Download
Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch
diff 12 beta ZAP Dev Team 2022-10-27
Directory List v1.0 Repository Download
List of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv1 5 release ZAP Dev Team 2021-10-06
Directory List v2.3 Repository Download
Lists of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3 4 release ZAP Dev Team 2021-10-07
Directory List v2.3 LC Repository Download
Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3_lc 4 release ZAP Dev Team 2021-10-07
DOM XSS Active scanner rule Repository Download
DOM XSS Active scanner rule
domxss 14 release Aabha Biyani, ZAP Dev Team 2022-10-27
Encoder Repository Download
Adds encode/decode/hash dialog and support for scripted processors as well
encoder 0.7.0 beta ZAP Dev Team 2022-10-27
Eval Villain Repository Download
Adds the Eval Villain extension to Firefox when launched from ZAP.
evalvillain 0.1.1 alpha Dennis Goodlett and the ZAP Dev Team 2022-02-15
FileUpload Repository Download
Detect File upload requests and scan them to find related vulnerabilities
fileupload 1.1.0 alpha KSASAN [email protected] 2021-09-17
Forced Browse Repository Download
Forced browsing of files and directories using code from the OWASP DirBuster tool
bruteforce 12 beta ZAP Dev Team 2022-10-27
Form Handler Repository Download
This Form Handler Add-on allows a user to define field names and values to be used in a form's fields. Fields can be added, modified, enabled, and deleted for use in form fields.
formhandler 6.1.0 beta ZAP Dev Team 2022-10-27
FuzzDB Files Repository Download
FuzzDB files which can be used with the ZAP fuzzer
fuzzdb 9 release ZAP Dev Team 2022-09-23
FuzzDB Offensive Repository Download
FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing
fuzzdboffensive 4 release ZAP Dev Team 2021-06-11
Fuzzer Repository Download
Advanced fuzzer for manual testing
fuzz 13.8.0 beta ZAP Dev Team 2022-10-27
Getting Started with ZAP Guide Repository Download
A short Getting Started with ZAP Guide
gettingStarted 14 release ZAP Dev Team 2022-10-27
GraalVM JavaScript Repository Download
Provides the GraalVM JavaScript engine for ZAP scripting.
graaljs 0.3.0 alpha ZAP Dev Team 2022-10-27
GraphQL Support Repository Download
Inspect and attack GraphQL endpoints.
graphql 0.12.0 alpha ZAP Dev Team 2022-11-17
Groovy Support Repository Download
Adds Groovy support to ZAP
groovy 3.1.0 beta ZAP Dev Team 2021-10-07
Help - Arabic Repository Download
Arabic version of the ZAP help file.
help_ar_SA 1 alpha ZAP Crowdin Team 2022-01-18
Help - Bosnian Download
Bosnian version of the ZAP help file.
help_bs_BA 9 alpha ZAP Crowdin Team 2018-02-08
Help - Chinese Simplified Repository Download
Chinese Simplified version of the ZAP help file.
help_zh_CN 3 beta ZAP Crowdin Team 2022-01-18
Help - English Repository Download
English version of the ZAP help file.
help 15 release ZAP Crowdin Team 2022-10-27
Help - Filipino Repository Download
Filipino version of the ZAP help file.
help_fil_PH 3 alpha ZAP Crowdin Team 2022-01-18
Help - French Repository Download
French version of the ZAP help file.
help_fr_FR 10 alpha ZAP Crowdin Team 2022-01-18
Help - Indonesian Repository Download
Indonesian version of the ZAP help file.
help_id_ID 3 beta ZAP Crowdin Team 2022-01-18
Help - Japanese Repository Download
Japanese version of the ZAP help file.
help_ja_JP 10 beta ZAP Crowdin Team 2022-01-18
Help - Malay Repository Download
Malay version of the ZAP help file.
help_ms_MY 1 alpha ZAP Crowdin Team 2022-01-18
Help - Portuguese, Brazilian Repository Download
Portuguese, Brazilian version of the ZAP help file.
help_pt_BR 11 release ZAP Crowdin Team 2022-01-18
Help - Russian Repository Download
Russian version of the ZAP help file.
help_ru_RU 2 release ZAP Crowdin Team 2022-02-24
Help - Spanish Repository Download
Spanish version of the ZAP help file.
help_es_ES 10 release ZAP Crowdin Team 2022-01-18
Help - Turkish Repository Download
Turkish version of the ZAP help file.
help_tr_TR 2 release ZAP Crowdin Team 2022-01-18
Highlighter Repository Download
Allows you to highlight strings in the request and response tabs.
highlighter 8 alpha ZAP Dev Team 2021-10-07
HUD - Heads Up Display Repository Download
Display information from ZAP in browser.
hud 0.15.0 beta ZAP Dev Team 2022-10-27
Image Location and Privacy Scanner Repository Download
Image Location and Privacy Passive Scanner
imagelocationscanner 4 beta Jay Ball (veggiespam) and the ZAP Dev Team 2022-09-23
Import/Export Repository Download
Import and Export functionality
exim 0.3.0 beta ZAP Dev Team & thatsn0tmysite 2022-10-27
Invoke Applications Repository Download
Invoke external applications passing context related information such as URLs and parameters
invoke 12 beta ZAP Dev Team 2022-10-27
JSON View Repository Download
Adds a view that shows JSON messages nicely formatted
jsonview 2 alpha Juha Kivekäs 2021-10-07
JWT Support Repository Download
Detect JWT requests and scan them to find related vulnerabilities
jwt 1.0.2 alpha KSASAN [email protected] 2022-01-22
Kotlin Support Repository Download
Allows Kotlin to be used for ZAP scripting
kotlin 1.1.0 alpha StackHawk Engineering 2021-10-07
Levo.ai Repository Download
Build OpenAPI Specs with ZAP traffic using Levo.ai.
levoai 0.1.0 alpha Levo.ai 2022-11-11
Linux WebDrivers Repository Download
Linux WebDrivers for Firefox and Chrome.
webdriverlinux 47 release ZAP Dev Team 2022-12-01
MacOS WebDrivers Repository Download
MacOS WebDrivers for Firefox and Chrome.
webdrivermacos 48 release ZAP Dev Team 2022-12-01
Neonmarker Repository Download
Colors history table items based on tags
neonmarker 1.5.0 alpha Juha Kivekäs, Kingthorin 2022-07-11
Network Repository Download
Provides core networking capabilities.
network 0.5.0 beta ZAP Dev Team 2022-11-09
OAST Support Repository Download
Allows you to exploit out-of-band vulnerabilities
oast 0.13.0 beta ZAP Dev Team 2022-10-27
Online menus Repository Download
ZAP Online menu items
onlineMenu 10 release ZAP Dev Team 2022-10-27
OpenAPI Support Repository Download
Imports and spiders OpenAPI definitions.
openapi 30 beta ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions 2022-11-15
Parameter Digger Repository Download
Identify hidden, unlinked parameters. Useful for finding web cache poisoning vulnerabilities.
paramdigger 0.1.0 alpha ZAP Dev Team and Arkaprabha Chakraborty 2022-08-22
Passive scanner rules Repository Download
The release status Passive Scanner rules
pscanrules 44 release ZAP Dev Team 2022-10-27
Passive scanner rules (alpha) Repository Download
The alpha status Passive Scanner rules
pscanrulesAlpha 37 alpha ZAP Dev Team 2022-10-27
Passive scanner rules (beta) Repository Download
The beta status Passive Scanner rules
pscanrulesBeta 31 beta ZAP Dev Team 2022-10-27
Plug-n-Hack Configuration Repository Download
Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack.
plugnhack 13 beta ZAP Dev Team 2022-10-27
Port Scanner Repository Download
Allows to port scan a target server
portscan 10 beta ZAP Dev Team 2022-10-27
Python Scripting Repository Download
Allows Python to be used for ZAP scripting - templates included
jython 12 beta ZAP Dev Team 2021-10-07
Quick Start Repository Download
Provides a tab which allows you to quickly test a target application
quickstart 35 release ZAP Dev Team 2022-10-27
Reflect Download
Finds reflected parameters
reflect 0.0.11 alpha Caleb Kinney 2021-02-19
Regular Expression Tester Repository Download
Allows to test Regular Expressions
regextester 2 alpha ZAP Dev Team 2021-10-07
Replacer Repository Download
Easy way to replace strings in requests and responses.
replacer 11 release ZAP Dev Team 2022-10-27
Report Generation Repository Download
Official ZAP Reports.
reports 0.17.0 release ZAP Dev Team 2022-11-22
Requester Repository Download
Allows to manually edit and send messages.
requester 7.0.0 beta Surikato and the ZAP Dev Team 2022-10-27
Retest Repository Download
An add-on to retest for presence/absence of previously generated alerts.
retest 0.4.0 alpha ZAP Dev Team 2022-10-27
Retire.js Repository Download
Retire.js
retire 0.18.0 release Nikita Mundhada and the ZAP Dev Team 2022-12-02
Reveal Repository Download
Show hidden fields and enable disabled fields
reveal 5 release ZAP Dev Team 2022-10-27
Revisit Repository Download
Revisit a site at any time in the past using the session history
revisit 4 alpha ZAP Dev Team 2021-10-07
Ruby Scripting Repository Download
Allows Ruby to be used for ZAP scripting - templates included
jruby 8 beta ZAP Dev Team 2021-10-07
SAML Support Repository Download
Detect, Show, Edit, Fuzz SAML requests
saml 10 alpha ZAP Dev Team 2022-10-28
Script Console Repository Download
Supports all JSR 223 scripting languages
scripts 33 release ZAP Dev Team 2022-10-27
Selenium Repository Download
WebDriver provider and includes HtmlUnit browser
selenium 15.11.0 release ZAP Dev Team 2022-10-27
Sequence Repository Download
Gives the possibility of defining a sequence of requests to be scanned.
sequence 6 alpha ZAP Dev Team 2021-10-07
Server-Sent Events Repository Download
Allows you to view Server-Sent Events (SSE) communication.
sse 12 alpha ZAP Dev Team 2022-10-28
SOAP Support Repository Download
Imports and scans WSDL files containing SOAP endpoints.
soap 16 beta Alberto (albertov91) + ZAP Dev Team 2022-11-17
Spider Repository Download
Spider used for automatically finding URIs on a site.
spider 0.1.0 release ZAP Dev Team 2022-10-27
SVN Digger Files Repository Download
SVN Digger files which can be used with ZAP forced browsing
svndigger 4 release ZAP Dev Team 2021-10-07
Tips and Tricks Repository Download
Display ZAP Tips and Tricks
tips 10 beta ZAP Dev Team 2022-10-27
Token Generation and Analysis Repository Download
Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection
tokengen 15 beta ZAP Dev Team 2021-10-07
TreeTools Repository Download
Tools to add functionality to the tree view.
treetools 8 beta Carl Sampson 2021-10-07
ViewState Repository Download
ASP/JSF ViewState Decoder and Editor
viewstate 3 alpha Calum Hutton 2021-10-07
Wappalyzer - Technology Detection Repository Download
Technology detection using Wappalyzer: wappalyzer.com
wappalyzer 21.16.0 release ZAP Dev Team 2022-11-14
WebSockets Repository Download
Allows you to inspect WebSocket communication.
websocket 27 release ZAP Dev Team 2022-10-27
Windows WebDrivers Repository Download
Windows WebDrivers for Firefox and Chrome.
webdriverwindows 47 release ZAP Dev Team 2022-12-01
Zest - Graphical Security Scripting Language Repository Download
A graphical security scripting language, ZAPs macro language on steroids
zest 37 beta ZAP Dev Team 2022-10-27