ZAP Marketplace

ZAP Marketplace contains ZAP add-ons which have been written by the ZAP team and the community. The add-ons help to extend the functionalities of ZAP. If you are using the latest version of ZAP then you can browse and download add-ons from within ZAP by clicking on this button in the toolbar:

add-ons button

You can also import the add-ons that you have downloaded manually via the “File / Load Add-on File…” menu option in the ZAP desktop.

Name ID Version Status Author Last Updated
Access Control Testing Repository Download
Adds a set of tools for testing access control in web applications.
accessControl 7 alpha ZAP Dev Team 2021-10-07
Active scanner rules Repository Download
The release quality Active Scanner rules
ascanrules 42 release ZAP Dev Team 2021-11-29
Active scanner rules (alpha) Repository Download
The alpha quality Active Scanner rules
ascanrulesAlpha 32 alpha ZAP Dev Team 2021-10-07
Active scanner rules (beta) Repository Download
The beta quality Active Scanner rules
ascanrulesBeta 37 beta ZAP Dev Team 2021-10-07
Advanced SQLInjection Scanner Repository Download
An advanced active injection bundle for SQLi (derived by SQLMap)
sqliplugin 15 beta Andrea Pompili (Yhawke) 2021-10-20
Ajax Spider Repository Download
Allows you to spider sites that make heavy use of JavaScript using Crawljax
spiderAjax 23.7.0 release ZAP Dev Team 2021-11-02
Alert Filters Repository Download
Allows you to automate the changing of alert risk levels.
alertFilters 13 release ZAP Dev Team 2021-10-06
All In One Notes Repository Download
A simple extension to view all notes in one pane.
allinonenotes 2 alpha David Vassallo 2021-10-07
AMF Support Repository Download
Adds support for AMF messages
amf 3 alpha ZAP Dev Team 2021-10-07
Attack Surface Detector Repository Download
The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing.
attacksurfacedetector 1.1.4 alpha Secure Decisions (Matthew DeLetto) 2019-03-07
Authentication Statistics Repository Download
Records logged in/out statistics for all contexts in scope.
authstats 2 alpha ZAP Dev Team 2021-10-07
Automation Framework Repository Download
Automation Framework.
automation 0.8.0 alpha ZAP Dev Team 2021-11-02
BeanShell Console Repository Download
Provides a BeanShell Console
beanshell 7 beta ZAP Dev Team 2021-10-07
Browser View Repository Download
Adds an option to render HTML responses like a browser
browserView 5 alpha ZAP Dev Team 2017-11-28
Bug Tracker Repository Download
Bug Tracker extension.
bugtracker 3 alpha ZAP Dev Team 2021-10-07
Call Graph Repository Download
Allows the user to view a call graph of the selected resources
callgraph 5 alpha Colm O'Flaherty 2021-10-07
Call Home Repository Download
Handles all of the calls to ZAP services.
callhome 0.0.3 alpha ZAP Dev Team 2021-11-23
Code Dx Extension Repository Download
Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server
codedx 9 alpha Code Dx, Inc. 2021-10-07
Common Library Repository Download
A common library, for use by other add-ons.
commonlib 1.5.0 release ZAP Dev Team 2021-10-06
Community Scripts Repository Download
Useful ZAP scripts written by the ZAP community.
communityScripts 14 alpha ZAP Community 2021-11-01
Core Language Files Repository Download
Translations of the core language files
coreLang 14 release ZAP Dev Team 2021-11-02
Custom Payloads Repository Download
Ability to add, edit or remove payloads that are used i.e. by active scanners
custompayloads 0.11.0 alpha ZAP Dev Team 2021-10-07
Diff Repository Download
Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch
diff 11 beta ZAP Dev Team 2021-10-06
Directory List v1.0 Repository Download
List of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv1 5 release ZAP Dev Team 2021-10-06
Directory List v2.3 Repository Download
Lists of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3 4 release ZAP Dev Team 2021-10-07
Directory List v2.3 LC Repository Download
Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3_lc 4 release ZAP Dev Team 2021-10-07
DOM XSS Active scanner rule Repository Download
DOM XSS Active scanner rule
domxss 11 beta Aabha Biyani, ZAP Dev Team 2021-10-06
Encoder Repository Download
Adds encode/decode/hash dialog and support for scripted processors as well
encoder 0.6.0 beta ZAP Dev Team 2021-10-06
FileUpload Repository Download
Detect File upload requests and scan them to find related vulnerabilities
fileupload 1.1.0 alpha KSASAN [email protected] 2021-09-17
Forced Browse Repository Download
Forced browsing of files and directories using code from the OWASP DirBuster tool
bruteforce 11 beta ZAP Dev Team 2021-10-06
Form Handler Repository Download
This Form Handler Add-on allows a user to define field names and values to be used in a form's fields. Fields can be added, modified, enabled, and deleted for use in form fields.
formhandler 4 beta ZAP Dev Team 2021-10-06
FuzzDB Files Repository Download
FuzzDB files which can be used with the ZAP fuzzer
fuzzdb 8 release ZAP Dev Team 2021-10-07
FuzzDB Offensive Repository Download
FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing
fuzzdboffensive 4 release ZAP Dev Team 2021-06-11
Fuzzer Repository Download
Advanced fuzzer for manual testing
fuzz 13.5.0 beta ZAP Dev Team 2021-11-04
Getting Started with ZAP Guide Repository Download
A short Getting Started with ZAP Guide
gettingStarted 13 release ZAP Dev Team 2021-10-06
GraalVM JavaScript Repository Download
Provides the GraalVM JavaScript engine for ZAP scripting.
graaljs 0.2.0 alpha ZAP Dev Team 2021-10-06
GraphQL Support Repository Download
Inspect and attack GraphQL endpoints.
graphql 0.7.0 alpha ZAP Dev Team 2021-11-01
Groovy Support Repository Download
Adds Groovy support to ZAP
groovy 3.1.0 beta ZAP Dev Team 2021-10-07
Help - Bosnian Download
Bosnian version of the ZAP help file.
help_bs_BA 9 alpha ZAP Crowdin Team 2018-02-08
Help - English Repository Download
English version of the ZAP help file.
help 12 release ZAP Crowdin Team 2021-10-06
Help - French Download
French version of the ZAP help file.
help_fr_FR 9 alpha ZAP Crowdin Team 2018-02-08
Help - Japanese Download
Japanese version of the ZAP help file.
help_ja_JP 9 beta ZAP Crowdin Team 2018-02-08
Help - Portuguese, Brazilian Download
Portuguese, Brazilian version of the ZAP help file.
help_pt_BR 10 release ZAP Crowdin Team 2018-02-08
Help - Spanish Download
Spanish version of the ZAP help file.
help_es_ES 9 release ZAP Crowdin Team 2018-02-08
Help - Turkish Download
Turkish version of the ZAP help file.
help_tr_TR 1 release ZAP Crowdin Team 2018-02-08
Help Chinese Simplified Download
Chinese Simplified version of the ZAP help file.
help_zh_CN 2 beta ZAP Crowdin Team 2018-02-08
Help Filipino Download
Filipino version of the ZAP help file.
help_fil_PH 2 alpha ZAP Crowdin Team 2018-02-08
Help Indonesian Download
Indonesian version of the ZAP help file.
help_id_ID 2 beta ZAP Crowdin Team 2018-02-08
Highlighter Repository Download
Allows you to highlight strings in the request and response tabs.
highlighter 8 alpha ZAP Dev Team 2021-10-07
HUD - Heads Up Display Repository Download
Display information from ZAP in browser.
hud 0.13.0 beta ZAP Dev Team 2021-10-06
Image Location and Privacy Scanner Repository Download
Image Location and Privacy Passive Scanner
imagelocationscanner 3 beta Jay Ball (veggiespam) and the ZAP Dev Team 2021-10-07
Import files containing URLs Repository Download
Adds an option to import a file of URLs. The file must be plain text with one URL per line.
importurls 8 beta ZAP Dev Team 2021-10-06
Invoke Applications Repository Download
Invoke external applications passing context related information such as URLs and parameters
invoke 11 beta ZAP Dev Team 2021-10-06
JSON View Repository Download
Adds a view that shows JSON messages nicely formatted
jsonview 2 alpha Juha Kivekäs 2021-10-07
JWT Support Repository Download
Detect JWT requests and scan them to find related vulnerabilities
jwt 1.0.1 alpha KSASAN [email protected] 2020-12-22
Kotlin Support Repository Download
Allows Kotlin to be used for ZAP scripting
kotlin 1.1.0 alpha StackHawk Engineering 2021-10-07
Linux WebDrivers Repository Download
Linux WebDrivers for Firefox and Chrome.
webdriverlinux 33 release ZAP Dev Team 2021-10-26
Log File Importer Repository Download
Allows you to import log files from ModSecurity and files previously exported from ZAP
importLogFiles 5 alpha Joseph Kirwin, ZAP Dev Team 2021-10-07
MacOS WebDrivers Repository Download
MacOS WebDrivers for Firefox and Chrome.
webdrivermacos 33 release ZAP Dev Team 2021-10-26
Neonmarker Repository Download
Colors history table items based on tags
neonmarker 1.4.0 alpha Juha Kivekäs, Kingthorin 2021-08-26
OAST Support Repository Download
Allows you to exploit out-of-band vulnerabilities
oast 0.5.0 alpha ZAP Dev Team 2021-10-06
Online menus Repository Download
ZAP Online menu items
onlineMenu 9 release ZAP Dev Team 2021-10-06
OpenAPI Support Repository Download
Imports and spiders OpenAPI definitions.
openapi 23 beta ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions 2021-10-06
Passive scanner rules Repository Download
The release quality Passive Scanner rules
pscanrules 36 release ZAP Dev Team 2021-10-06
Passive scanner rules (alpha) Repository Download
The alpha quality Passive Scanner rules
pscanrulesAlpha 34 alpha ZAP Dev Team 2021-10-07
Passive scanner rules (beta) Repository Download
The beta quality Passive Scanner rules
pscanrulesBeta 27 beta ZAP Dev Team 2021-10-07
Plug-n-Hack Configuration Repository Download
Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack.
plugnhack 12 beta ZAP Dev Team 2021-10-07
Port Scanner Repository Download
Allows to port scan a target server
portscan 9 beta ZAP Dev Team 2021-10-07
Python Scripting Repository Download
Allows Python to be used for ZAP scripting - templates included
jython 12 beta ZAP Dev Team 2021-10-07
Quick Start Repository Download
Provides a tab which allows you to quickly test a target application
quickstart 31 release ZAP Dev Team 2021-11-23
Reflect Download
Finds reflected parameters
reflect 0.0.11 alpha Caleb Kinney 2021-02-19
Regular Expression Tester Repository Download
Allows to test Regular Expressions
regextester 2 alpha ZAP Dev Team 2021-10-07
Replacer Repository Download
Easy way to replace strings in requests and responses.
replacer 9 beta ZAP Dev Team 2021-10-06
Report Generation Repository Download
Official ZAP Reports.
reports 0.9.1 release ZAP Dev Team 2021-10-14
Requester Repository Download
Request numbered panel.
requester 5 alpha Surikato 2021-10-07
Retest Repository Download
An add-on to retest for presence/absence of previously generated alerts.
retest 0.2.0 alpha ZAP Dev Team 2021-10-06
Retire.js Repository Download
Retire.js
retire 0.9.0 release Nikita Mundhada and the ZAP Dev Team 2021-10-06
Reveal Repository Download
Show hidden fields and enable disabled fields
reveal 4 release ZAP Dev Team 2021-10-06
Revisit Repository Download
Revisit a site at any time in the past using the session history
revisit 4 alpha ZAP Dev Team 2021-10-07
Ruby Scripting Repository Download
Allows Ruby to be used for ZAP scripting - templates included
jruby 8 beta ZAP Dev Team 2021-10-07
SAML Support Repository Download
Detect, Show, Edit, Fuzz SAML requests
saml 9 alpha ZAP Dev Team 2021-10-07
Save Raw Message Repository Download
Allows to save content of HTTP messages as binary
saverawmessage 6 release ZAP Dev Team 2021-10-06
Save XML Message Repository Download
Allows to save content of HTTP messages as XML
savexmlmessage 0.2.0 alpha thatsn0tmysite 2021-10-06
Script Console Repository Download
Supports all JSR 223 scripting languages
scripts 29 beta ZAP Dev Team 2021-10-06
Selenium Repository Download
WebDriver provider and includes HtmlUnit browser
selenium 15.5.1 release ZAP Dev Team 2021-11-28
Sequence Repository Download
Gives the possibility of defining a sequence of requests to be scanned.
sequence 6 alpha ZAP Dev Team 2021-10-07
Server-Sent Events Repository Download
Allows you to view Server-Sent Events (SSE) communication.
sse 10 alpha ZAP Dev Team 2021-10-07
SOAP Support Repository Download
Imports and scans WSDL files containing SOAP endpoints.
soap 11 alpha Alberto (albertov91) + ZAP Dev Team 2021-10-29
SVN Digger Files Repository Download
SVN Digger files which can be used with ZAP forced browsing
svndigger 4 release ZAP Dev Team 2021-10-07
Tips and Tricks Repository Download
Display ZAP Tips and Tricks
tips 9 beta ZAP Dev Team 2021-10-06
Token Generation and Analysis Repository Download
Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection
tokengen 15 beta ZAP Dev Team 2021-10-07
TreeTools Repository Download
Tools to add functionality to the tree view.
treetools 8 beta Carl Sampson 2021-10-07
ViewState Repository Download
ASP/JSF ViewState Decoder and Editor
viewstate 3 alpha Calum Hutton 2021-10-07
Wappalyzer - Technology Detection Repository Download
Technology detection using Wappalyzer: wappalyzer.com
wappalyzer 21.5.0 release ZAP Dev Team 2021-10-25
WebSockets Repository Download
Allows you to inspect WebSocket communication.
websocket 24 release ZAP Dev Team 2021-10-06
Windows WebDrivers Repository Download
Windows WebDrivers for Firefox and Chrome.
webdriverwindows 33 release ZAP Dev Team 2021-10-26
Zest - Graphical Security Scripting Language Repository Download
A graphical security scripting language, ZAPs macro language on steroids
zest 35 beta ZAP Dev Team 2021-10-06