ZAP Marketplace

ZAP Marketplace contains ZAP add-ons which have been written by the ZAP team and the community. The add-ons help to extend the functionalities of ZAP. If you are using the latest version of ZAP then you can browse and download add-ons from within ZAP by clicking on this button in the toolbar:

add-ons button

You can also import the add-ons that you have downloaded manually via the “File / Load Add-on File…” menu option in the ZAP desktop.

Name ID Version Status Author Last Updated
Access Control Testing Repository Download SBOM
Adds a set of tools for testing access control in web applications.
accessControl 10 alpha ZAP Dev Team 2024-03-25
Active scanner rules Repository Download SBOM
The release status Active Scanner rules
ascanrules 66 release ZAP Dev Team 2024-05-07
Active scanner rules (alpha) Repository Download SBOM
The alpha status Active Scanner rules
ascanrulesAlpha 47 alpha ZAP Dev Team 2024-03-28
Active scanner rules (beta) Repository Download SBOM
The beta status Active Scanner rules
ascanrulesBeta 53 beta ZAP Dev Team 2024-03-28
Advanced SQLInjection Scanner Repository Download
An advanced active injection bundle for SQLi (derived by SQLMap)
sqliplugin 15 beta Andrea Pompili (Yhawke) 2021-10-20
Ajax Spider Repository Download SBOM
Allows you to spider sites that make heavy use of JavaScript using Crawljax
spiderAjax 23.19.0 release ZAP Dev Team 2024-05-07
Alert Filters Repository Download SBOM
Allows you to automate the changing of alert risk levels.
alertFilters 21 release ZAP Dev Team 2024-05-07
All In One Notes Repository Download
A simple extension to view all notes in one pane.
allinonenotes 2 alpha David Vassallo 2021-10-07
Attack Surface Detector Repository Download
The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing.
attacksurfacedetector 1.1.4 alpha Secure Decisions (Matthew DeLetto) 2019-03-07
Authentication Helper Repository Download SBOM
Helps identify and set up authentication handling
authhelper 0.13.0 beta ZAP Dev Team 2024-05-07
Authentication Statistics Repository Download
Records logged in/out statistics for all contexts in scope.
authstats 2 alpha ZAP Dev Team 2021-10-07
Automation Framework Repository Download SBOM
Automation Framework.
automation 0.40.1 beta ZAP Dev Team 2024-05-28
BeanShell Console Repository Download
Provides a BeanShell Console
beanshell 7 beta ZAP Dev Team 2021-10-07
Browser View Repository Download
Adds an option to render HTML responses like a browser
browserView 6 alpha ZAP Dev Team 2023-03-13
Bug Tracker Repository Download
Bug Tracker extension.
bugtracker 4 alpha ZAP Dev Team 2022-09-23
Call Graph Repository Download
Allows the user to view a call graph of the selected resources
callgraph 5 alpha Colm O'Flaherty 2021-10-07
Call Home Repository Download SBOM
Handles all of the calls to ZAP services.
callhome 0.12.0 release ZAP Dev Team 2024-05-07
Client Side Integration Repository Download SBOM
Exposes client (browser) side information in ZAP using Firefox and Chrome extensions.
client 0.8.0 alpha ZAP Dev Team 2024-01-16
Code Dx Extension Download
Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server
codedx 9 alpha Code Dx, Inc. 2021-10-07
Collection: Pentester Pack Repository Download
A collection of add-ons ideal for pentesters
packpentester 0.1.0 alpha ZAP Dev Team 2022-05-12
Collection: Scan Rules Pack Repository Download
All of the add-ons just containing release, beta and alpha status scan rules
packscanrules 0.0.1 alpha ZAP Dev Team 2022-05-13
Common Library Repository Download SBOM
A common library, for use by other add-ons.
commonlib 1.26.0 release ZAP Dev Team 2024-05-10
Community Scripts Repository Download
Useful ZAP scripts written by the ZAP community.
communityScripts 18 alpha ZAP Community 2024-01-29
Core Language Files Repository Download
Translations of the core language files
coreLang 15 release ZAP Dev Team 2022-02-14
Custom Payloads Repository Download SBOM
Ability to add, edit or remove payloads that are used i.e. by active scanners
custompayloads 0.13.0 beta ZAP Dev Team 2023-11-10
Database Repository Download SBOM
Provides database engines and related infrastructure.
database 0.4.0 alpha ZAP Dev Team 2024-05-07
Dev Add-on Repository Download SBOM
An add-on to help with development of ZAP.
dev 0.5.0 alpha ZAP Dev Team 2024-01-10
Diff Repository Download SBOM
Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch
diff 15 beta ZAP Dev Team 2024-05-07
Directory List v1.0 Repository Download SBOM
List of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv1 8 release ZAP Dev Team 2024-05-07
Directory List v2.3 Repository Download
Lists of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3 4 release ZAP Dev Team 2021-10-07
Directory List v2.3 LC Repository Download
Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3_lc 4 release ZAP Dev Team 2021-10-07
DOM XSS Active scanner rule Repository Download SBOM
DOM XSS Active scanner rule
domxss 19 release Aabha Biyani, ZAP Dev Team 2024-05-07
Encoder Repository Download SBOM
Adds encode/decode/hash dialog and support for scripted processors as well
encoder 1.5.0 release ZAP Dev Team 2024-05-07
Eval Villain Repository Download
Adds the Eval Villain extension to Firefox when launched from ZAP.
evalvillain 0.3.0 alpha Dennis Goodlett and the ZAP Dev Team 2023-09-26
FileUpload Repository Download
Detect File upload requests and scan them to find related vulnerabilities
fileupload 1.2.1 alpha KSASAN [email protected] 2023-10-23
Forced Browse Repository Download SBOM
Forced browsing of files and directories using code from the OWASP DirBuster tool
bruteforce 16 beta ZAP Dev Team 2024-05-07
FuzzDB Files Repository Download
FuzzDB files which can be used with the ZAP fuzzer
fuzzdb 9 release ZAP Dev Team 2022-09-23
FuzzDB Offensive Repository Download
FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing - contains files that may well be flagged by anti-virus tools
fuzzdboffensive 5 release ZAP Dev Team 2024-01-11
Fuzzer Repository Download SBOM
Advanced fuzzer for manual testing
fuzz 13.13.0 beta ZAP Dev Team 2024-05-07
Getting Started with ZAP Guide Repository Download SBOM
A short Getting Started with ZAP Guide
gettingStarted 17 release ZAP Dev Team 2024-05-07
GraalVM JavaScript Repository Download SBOM
Provides the GraalVM JavaScript engine for ZAP scripting.
graaljs 0.7.0 alpha ZAP Dev Team 2024-05-07
GraphQL Support Repository Download SBOM
Inspect and attack GraphQL endpoints.
graphql 0.24.0 alpha ZAP Dev Team 2024-05-07
Groovy Support Repository Download SBOM
Adds Groovy support to ZAP
groovy 3.2.0 beta ZAP Dev Team 2024-04-11
gRPC Support Repository Download SBOM
Inspect, attack gRPC endpoints, and decode protobuf messages.
grpc 0.0.1 alpha ZAP Dev Team 2024-05-21
Help - Arabic Repository Download
Arabic version of the ZAP help file.
help_ar_SA 1 alpha ZAP Crowdin Team 2022-01-18
Help - Bosnian Download
Bosnian version of the ZAP help file.
help_bs_BA 9 alpha ZAP Crowdin Team 2018-02-08
Help - Chinese Simplified Repository Download
Chinese Simplified version of the ZAP help file.
help_zh_CN 3 beta ZAP Crowdin Team 2022-01-18
Help - English Repository Download
English version of the ZAP help file.
help 18 release ZAP Crowdin Team 2024-05-07
Help - Filipino Repository Download
Filipino version of the ZAP help file.
help_fil_PH 3 alpha ZAP Crowdin Team 2022-01-18
Help - French Repository Download
French version of the ZAP help file.
help_fr_FR 10 alpha ZAP Crowdin Team 2022-01-18
Help - Indonesian Repository Download
Indonesian version of the ZAP help file.
help_id_ID 3 beta ZAP Crowdin Team 2022-01-18
Help - Japanese Repository Download
Japanese version of the ZAP help file.
help_ja_JP 10 beta ZAP Crowdin Team 2022-01-18
Help - Malay Repository Download
Malay version of the ZAP help file.
help_ms_MY 1 alpha ZAP Crowdin Team 2022-01-18
Help - Portuguese, Brazilian Repository Download
Portuguese, Brazilian version of the ZAP help file.
help_pt_BR 11 release ZAP Crowdin Team 2022-01-18
Help - Russian Repository Download
Russian version of the ZAP help file.
help_ru_RU 2 release ZAP Crowdin Team 2022-02-24
Help - Spanish Repository Download
Spanish version of the ZAP help file.
help_es_ES 10 release ZAP Crowdin Team 2022-01-18
Help - Turkish Repository Download
Turkish version of the ZAP help file.
help_tr_TR 2 release ZAP Crowdin Team 2022-01-18
Highlighter Repository Download
Allows you to highlight strings in the request and response tabs.
highlighter 8 alpha ZAP Dev Team 2021-10-07
HUD - Heads Up Display Repository Download
Display information from ZAP in browser.
hud 0.19.0 beta ZAP Dev Team 2024-05-07
Image Location and Privacy Scanner Repository Download SBOM
Image Location and Privacy Passive Scanner
imagelocationscanner 5 beta Jay Ball (veggiespam) and the ZAP Dev Team 2024-04-11
Import/Export Repository Download SBOM
Import and Export functionality
exim 0.9.0 beta ZAP Dev Team & thatsn0tmysite 2024-05-07
Invoke Applications Repository Download SBOM
Invoke external applications passing context related information such as URLs and parameters
invoke 15 beta ZAP Dev Team 2024-05-07
JSON View Repository Download
Adds a view that shows JSON messages nicely formatted
jsonview 3 alpha Juha Kivekäs 2023-09-07
JWT Support Repository Download
Detect JWT requests and scan them to find related vulnerabilities
jwt 1.0.3 alpha KSASAN [email protected] 2023-01-02
Kotlin Support Repository Download
Allows Kotlin to be used for ZAP scripting
kotlin 1.1.0 alpha StackHawk Engineering 2021-10-07
Levo.ai Repository Download
Build OpenAPI Specs with ZAP traffic using Levo.ai.
levoai 0.2.0 alpha Levo.ai 2022-12-26
Linux WebDrivers Repository Download SBOM
Linux WebDrivers for Firefox and Chrome.
webdriverlinux 88 release ZAP Dev Team 2024-05-25
MacOS WebDrivers Repository Download SBOM
MacOS WebDrivers for Firefox and Chrome.
webdrivermacos 88 release ZAP Dev Team 2024-05-25
Map Local Repository Download
Allows mapping of responses to content of a chosen local file.
maplocal 0.0.1 alpha Keindel (Andrey Maksimov) 2023-10-05
Neonmarker Repository Download
Colors history table items based on tags
neonmarker 1.6.0 alpha Juha Kivekäs, Kingthorin 2023-08-17
Network Repository Download SBOM
Provides core networking capabilities.
network 0.16.0 beta ZAP Dev Team 2024-05-07
OAST Support Repository Download SBOM
Allows you to exploit out-of-band vulnerabilities
oast 0.18.0 beta ZAP Dev Team 2024-05-07
Online menus Repository Download SBOM
ZAP Online menu items
onlineMenu 13 release ZAP Dev Team 2024-05-07
OpenAPI Support Repository Download SBOM
Imports and spiders OpenAPI definitions.
openapi 41 beta ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions 2024-05-10
Parameter Digger Repository Download
Identify hidden, unlinked parameters. Useful for finding web cache poisoning vulnerabilities.
paramdigger 0.2.0 alpha ZAP Dev Team and Arkaprabha Chakraborty 2023-06-06
Passive scanner rules Repository Download SBOM
The release status Passive Scanner rules
pscanrules 58 release ZAP Dev Team 2024-05-07
Passive scanner rules (alpha) Repository Download SBOM
The alpha status Passive Scanner rules
pscanrulesAlpha 42 alpha ZAP Dev Team 2024-01-16
Passive scanner rules (beta) Repository Download SBOM
The beta status Passive Scanner rules
pscanrulesBeta 37 beta ZAP Dev Team 2024-02-12
Plug-n-Hack Configuration Repository Download
Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack.
plugnhack 13 beta ZAP Dev Team 2022-10-27
Port Scanner Repository Download
Allows to port scan a target server
portscan 10 beta ZAP Dev Team 2022-10-27
Postman Support Repository Download SBOM
Imports and spiders Postman collections.
postman 0.4.0 alpha ZAP Dev Team 2024-05-07
Python Scripting Repository Download SBOM
Allows Python to be used for ZAP scripting - templates included
jython 15 beta ZAP Dev Team 2024-04-11
Quick Start Repository Download SBOM
Provides a tab which allows you to quickly test a target application
quickstart 47 release ZAP Dev Team 2024-05-07
Reflect Download
Finds reflected parameters
reflect 0.0.11 alpha Caleb Kinney 2021-02-19
Regular Expression Tester Repository Download
Allows to test Regular Expressions
regextester 2 alpha ZAP Dev Team 2021-10-07
Replacer Repository Download SBOM
Easy way to replace strings in requests and responses.
replacer 18 release ZAP Dev Team 2024-05-08
Report Generation Repository Download SBOM
Official ZAP Reports.
reports 0.32.0 release ZAP Dev Team 2024-05-07
Requester Repository Download SBOM
Allows to manually edit and send messages.
requester 7.6.0 beta Surikato and the ZAP Dev Team 2024-05-07
Retest Repository Download SBOM
An add-on to retest for presence/absence of previously generated alerts.
retest 0.9.0 alpha ZAP Dev Team 2024-05-07
Retire.js Repository Download SBOM
Retire.js
retire 0.35.0 release Nikita Mundhada and the ZAP Dev Team 2024-05-07
Reveal Repository Download SBOM
Show hidden fields and enable disabled fields
reveal 8 release ZAP Dev Team 2024-05-07
Revisit Repository Download SBOM
Revisit a site at any time in the past using the session history
revisit 5 alpha ZAP Dev Team 2023-10-23
Ruby Scripting Repository Download
Allows Ruby to be used for ZAP scripting - templates included
jruby 8 beta ZAP Dev Team 2021-10-07
SAML Support Repository Download
Detect, Show, Edit, Fuzz SAML requests
saml 10 alpha ZAP Dev Team 2022-10-28
Script Console Repository Download SBOM
Supports all JSR 223 scripting languages
scripts 45.4.0 release ZAP Dev Team 2024-05-16
Selenium Repository Download SBOM
WebDriver provider and includes HtmlUnit browser
selenium 15.24.0 release ZAP Dev Team 2024-05-21
Sequence Repository Download SBOM
Gives the possibility of defining a sequence of requests to be scanned.
sequence 7 alpha ZAP Dev Team 2023-10-23
Server-Sent Events Repository Download SBOM
Allows you to view Server-Sent Events (SSE) communication.
sse 13 alpha ZAP Dev Team 2024-05-21
SOAP Support Repository Download SBOM
Imports and scans WSDL files containing SOAP endpoints.
soap 23 beta Alberto (albertov91) + ZAP Dev Team 2024-05-07
Spider Repository Download SBOM
Spider used for automatically finding URIs on a site.
spider 0.11.0 release ZAP Dev Team 2024-05-07
SVN Digger Files Repository Download
SVN Digger files which can be used with ZAP forced browsing
svndigger 4 release ZAP Dev Team 2021-10-07
Technology Detection Repository Download SBOM
Technology detection using various fingerprints and identifiers.
wappalyzer 21.37.0 release ZAP Dev Team 2024-05-21
Tips and Tricks Repository Download SBOM
Display ZAP Tips and Tricks
tips 13 beta ZAP Dev Team 2024-05-07
Token Generation and Analysis Repository Download
Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection
tokengen 15 beta ZAP Dev Team 2021-10-07
TreeTools Repository Download
Tools to add functionality to the tree view.
treetools 8 beta Carl Sampson 2021-10-07
Value Generator Repository Download SBOM
This Value Generator Add-on allows a user to define field names and values to be used when submitting values to an app. Fields can be added, modified, enabled/disabled, and deleted.
formhandler 6.6.0 beta ZAP Dev Team 2024-05-07
ViewState Repository Download
ASP/JSF ViewState Decoder and Editor
viewstate 3 alpha Calum Hutton 2021-10-07
WebSockets Repository Download SBOM
Allows you to inspect WebSocket communication.
websocket 31 release ZAP Dev Team 2024-05-07
Windows WebDrivers Repository Download SBOM
Windows WebDrivers for Firefox and Chrome.
webdriverwindows 88 release ZAP Dev Team 2024-05-25
Zest - Graphical Security Scripting Language Repository Download SBOM
A graphical security scripting language, ZAPs macro language on steroids
zest 45 beta ZAP Dev Team 2024-05-07