ZAP Marketplace

ZAP Marketplace contains ZAP add-ons which have been written by the ZAP team and the community. The add-ons help to extend the functionalities of ZAP. If you are using the latest version of ZAP then you can browse and download add-ons from within ZAP by clicking on this button in the toolbar:

add-ons button

You can also import the add-ons that you have downloaded manually via the “File / Load Add-on File…” menu option in the ZAP desktop.

Name ID Version Status Author Last Updated
Access Control Testing Repository Download SBOM
Adds a set of tools for testing access control in web applications.
accessControl 10 alpha ZAP Dev Team 2024-03-25
Active scanner rules Repository Download SBOM
The release status Active Scanner rules
ascanrules 64 release ZAP Dev Team 2024-03-25
Active scanner rules (alpha) Repository Download SBOM
The alpha status Active Scanner rules
ascanrulesAlpha 46 alpha ZAP Dev Team 2024-01-26
Active scanner rules (beta) Repository Download SBOM
The beta status Active Scanner rules
ascanrulesBeta 52 beta ZAP Dev Team 2024-03-25
Advanced SQLInjection Scanner Repository Download
An advanced active injection bundle for SQLi (derived by SQLMap)
sqliplugin 15 beta Andrea Pompili (Yhawke) 2021-10-20
Ajax Spider Repository Download SBOM
Allows you to spider sites that make heavy use of JavaScript using Crawljax
spiderAjax 23.18.0 release ZAP Dev Team 2023-11-10
Alert Filters Repository Download SBOM
Allows you to automate the changing of alert risk levels.
alertFilters 19 release ZAP Dev Team 2023-11-16
All In One Notes Repository Download
A simple extension to view all notes in one pane.
allinonenotes 2 alpha David Vassallo 2021-10-07
Attack Surface Detector Repository Download
The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing.
attacksurfacedetector 1.1.4 alpha Secure Decisions (Matthew DeLetto) 2019-03-07
Authentication Helper Repository Download SBOM
Helps identify and set up authentication handling
authhelper 0.12.0 beta ZAP Dev Team 2024-02-06
Authentication Statistics Repository Download
Records logged in/out statistics for all contexts in scope.
authstats 2 alpha ZAP Dev Team 2021-10-07
Automation Framework Repository Download SBOM
Automation Framework.
automation 0.36.0 beta ZAP Dev Team 2024-03-25
BeanShell Console Repository Download
Provides a BeanShell Console
beanshell 7 beta ZAP Dev Team 2021-10-07
Browser View Repository Download
Adds an option to render HTML responses like a browser
browserView 6 alpha ZAP Dev Team 2023-03-13
Bug Tracker Repository Download
Bug Tracker extension.
bugtracker 4 alpha ZAP Dev Team 2022-09-23
Call Graph Repository Download
Allows the user to view a call graph of the selected resources
callgraph 5 alpha Colm O'Flaherty 2021-10-07
Call Home Repository Download SBOM
Handles all of the calls to ZAP services.
callhome 0.11.0 release ZAP Dev Team 2024-03-13
Client Side Integration Repository Download SBOM
Exposes client (browser) side information in ZAP using Firefox and Chrome extensions.
client 0.8.0 alpha ZAP Dev Team 2024-01-16
Code Dx Extension Download
Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server
codedx 9 alpha Code Dx, Inc. 2021-10-07
Collection: Pentester Pack Repository Download
A collection of add-ons ideal for pentesters
packpentester 0.1.0 alpha ZAP Dev Team 2022-05-12
Collection: Scan Rules Pack Repository Download
All of the add-ons just containing release, beta and alpha status scan rules
packscanrules 0.0.1 alpha ZAP Dev Team 2022-05-13
Common Library Repository Download SBOM
A common library, for use by other add-ons.
commonlib 1.23.0 release ZAP Dev Team 2024-03-25
Community Scripts Repository Download
Useful ZAP scripts written by the ZAP community.
communityScripts 18 alpha ZAP Community 2024-01-29
Core Language Files Repository Download
Translations of the core language files
coreLang 15 release ZAP Dev Team 2022-02-14
Custom Payloads Repository Download SBOM
Ability to add, edit or remove payloads that are used i.e. by active scanners
custompayloads 0.13.0 beta ZAP Dev Team 2023-11-10
Database Repository Download SBOM
Provides database engines and related infrastructure.
database 0.3.0 alpha ZAP Dev Team 2023-10-12
Dev Add-on Repository Download SBOM
An add-on to help with development of ZAP.
dev 0.5.0 alpha ZAP Dev Team 2024-01-10
Diff Repository Download SBOM
Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch
diff 14 beta ZAP Dev Team 2023-10-12
Directory List v1.0 Repository Download SBOM
List of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv1 7 release ZAP Dev Team 2023-10-12
Directory List v2.3 Repository Download
Lists of directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3 4 release ZAP Dev Team 2021-10-07
Directory List v2.3 LC Repository Download
Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on.
directorylistv2_3_lc 4 release ZAP Dev Team 2021-10-07
DOM XSS Active scanner rule Repository Download SBOM
DOM XSS Active scanner rule
domxss 18 release Aabha Biyani, ZAP Dev Team 2023-10-12
Encoder Repository Download SBOM
Adds encode/decode/hash dialog and support for scripted processors as well
encoder 1.4.0 release ZAP Dev Team 2023-10-12
Eval Villain Repository Download
Adds the Eval Villain extension to Firefox when launched from ZAP.
evalvillain 0.3.0 alpha Dennis Goodlett and the ZAP Dev Team 2023-09-26
FileUpload Repository Download
Detect File upload requests and scan them to find related vulnerabilities
fileupload 1.2.1 alpha KSASAN [email protected] 2023-10-23
Forced Browse Repository Download SBOM
Forced browsing of files and directories using code from the OWASP DirBuster tool
bruteforce 15 beta ZAP Dev Team 2023-10-12
FuzzDB Files Repository Download
FuzzDB files which can be used with the ZAP fuzzer
fuzzdb 9 release ZAP Dev Team 2022-09-23
FuzzDB Offensive Repository Download
FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing - contains files that may well be flagged by anti-virus tools
fuzzdboffensive 5 release ZAP Dev Team 2024-01-11
Fuzzer Repository Download SBOM
Advanced fuzzer for manual testing
fuzz 13.12.0 beta ZAP Dev Team 2023-10-12
Getting Started with ZAP Guide Repository Download SBOM
A short Getting Started with ZAP Guide
gettingStarted 16 release ZAP Dev Team 2023-10-12
GraalVM JavaScript Repository Download SBOM
Provides the GraalVM JavaScript engine for ZAP scripting.
graaljs 0.5.0 alpha ZAP Dev Team 2023-10-12
GraphQL Support Repository Download SBOM
Inspect and attack GraphQL endpoints.
graphql 0.23.0 alpha ZAP Dev Team 2024-02-22
Groovy Support Repository Download
Adds Groovy support to ZAP
groovy 3.1.0 beta ZAP Dev Team 2021-10-07
Help - Arabic Repository Download
Arabic version of the ZAP help file.
help_ar_SA 1 alpha ZAP Crowdin Team 2022-01-18
Help - Bosnian Download
Bosnian version of the ZAP help file.
help_bs_BA 9 alpha ZAP Crowdin Team 2018-02-08
Help - Chinese Simplified Repository Download
Chinese Simplified version of the ZAP help file.
help_zh_CN 3 beta ZAP Crowdin Team 2022-01-18
Help - English Repository Download
English version of the ZAP help file.
help 17 release ZAP Crowdin Team 2023-10-12
Help - Filipino Repository Download
Filipino version of the ZAP help file.
help_fil_PH 3 alpha ZAP Crowdin Team 2022-01-18
Help - French Repository Download
French version of the ZAP help file.
help_fr_FR 10 alpha ZAP Crowdin Team 2022-01-18
Help - Indonesian Repository Download
Indonesian version of the ZAP help file.
help_id_ID 3 beta ZAP Crowdin Team 2022-01-18
Help - Japanese Repository Download
Japanese version of the ZAP help file.
help_ja_JP 10 beta ZAP Crowdin Team 2022-01-18
Help - Malay Repository Download
Malay version of the ZAP help file.
help_ms_MY 1 alpha ZAP Crowdin Team 2022-01-18
Help - Portuguese, Brazilian Repository Download
Portuguese, Brazilian version of the ZAP help file.
help_pt_BR 11 release ZAP Crowdin Team 2022-01-18
Help - Russian Repository Download
Russian version of the ZAP help file.
help_ru_RU 2 release ZAP Crowdin Team 2022-02-24
Help - Spanish Repository Download
Spanish version of the ZAP help file.
help_es_ES 10 release ZAP Crowdin Team 2022-01-18
Help - Turkish Repository Download
Turkish version of the ZAP help file.
help_tr_TR 2 release ZAP Crowdin Team 2022-01-18
Highlighter Repository Download
Allows you to highlight strings in the request and response tabs.
highlighter 8 alpha ZAP Dev Team 2021-10-07
HUD - Heads Up Display Repository Download
Display information from ZAP in browser.
hud 0.18.0 beta ZAP Dev Team 2023-10-12
Image Location and Privacy Scanner Repository Download
Image Location and Privacy Passive Scanner
imagelocationscanner 4 beta Jay Ball (veggiespam) and the ZAP Dev Team 2022-09-23
Import/Export Repository Download SBOM
Import and Export functionality
exim 0.8.0 beta ZAP Dev Team & thatsn0tmysite 2023-11-10
Invoke Applications Repository Download SBOM
Invoke external applications passing context related information such as URLs and parameters
invoke 14 beta ZAP Dev Team 2023-10-12
JSON View Repository Download
Adds a view that shows JSON messages nicely formatted
jsonview 3 alpha Juha Kivekäs 2023-09-07
JWT Support Repository Download
Detect JWT requests and scan them to find related vulnerabilities
jwt 1.0.3 alpha KSASAN [email protected] 2023-01-02
Kotlin Support Repository Download
Allows Kotlin to be used for ZAP scripting
kotlin 1.1.0 alpha StackHawk Engineering 2021-10-07
Levo.ai Repository Download
Build OpenAPI Specs with ZAP traffic using Levo.ai.
levoai 0.2.0 alpha Levo.ai 2022-12-26
Linux WebDrivers Repository Download SBOM
Linux WebDrivers for Firefox and Chrome.
webdriverlinux 76 release ZAP Dev Team 2024-03-21
MacOS WebDrivers Repository Download SBOM
MacOS WebDrivers for Firefox and Chrome.
webdrivermacos 76 release ZAP Dev Team 2024-03-21
Map Local Repository Download
Allows mapping of responses to content of a chosen local file.
maplocal 0.0.1 alpha Keindel (Andrey Maksimov) 2023-10-05
Neonmarker Repository Download
Colors history table items based on tags
neonmarker 1.6.0 alpha Juha Kivekäs, Kingthorin 2023-08-17
Network Repository Download SBOM
Provides core networking capabilities.
network 0.15.0 beta ZAP Dev Team 2024-03-25
OAST Support Repository Download SBOM
Allows you to exploit out-of-band vulnerabilities
oast 0.17.0 beta ZAP Dev Team 2023-10-12
Online menus Repository Download SBOM
ZAP Online menu items
onlineMenu 12 release ZAP Dev Team 2023-10-12
OpenAPI Support Repository Download SBOM
Imports and spiders OpenAPI definitions.
openapi 39 beta ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions 2024-01-26
Parameter Digger Repository Download
Identify hidden, unlinked parameters. Useful for finding web cache poisoning vulnerabilities.
paramdigger 0.2.0 alpha ZAP Dev Team and Arkaprabha Chakraborty 2023-06-06
Passive scanner rules Repository Download SBOM
The release status Passive Scanner rules
pscanrules 56 release ZAP Dev Team 2024-02-16
Passive scanner rules (alpha) Repository Download SBOM
The alpha status Passive Scanner rules
pscanrulesAlpha 42 alpha ZAP Dev Team 2024-01-16
Passive scanner rules (beta) Repository Download SBOM
The beta status Passive Scanner rules
pscanrulesBeta 37 beta ZAP Dev Team 2024-02-12
Plug-n-Hack Configuration Repository Download
Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack.
plugnhack 13 beta ZAP Dev Team 2022-10-27
Port Scanner Repository Download
Allows to port scan a target server
portscan 10 beta ZAP Dev Team 2022-10-27
Postman Support Repository Download SBOM
Imports and spiders Postman collections.
postman 0.2.0 alpha ZAP Dev Team 2023-10-12
Python Scripting Repository Download SBOM
Allows Python to be used for ZAP scripting - templates included
jython 14 beta ZAP Dev Team 2023-12-19
Quick Start Repository Download SBOM
Provides a tab which allows you to quickly test a target application
quickstart 45 release ZAP Dev Team 2024-03-25
Reflect Download
Finds reflected parameters
reflect 0.0.11 alpha Caleb Kinney 2021-02-19
Regular Expression Tester Repository Download
Allows to test Regular Expressions
regextester 2 alpha ZAP Dev Team 2021-10-07
Replacer Repository Download SBOM
Easy way to replace strings in requests and responses.
replacer 16 release ZAP Dev Team 2023-11-30
Report Generation Repository Download SBOM
Official ZAP Reports.
reports 0.31.0 release ZAP Dev Team 2024-03-25
Requester Repository Download SBOM
Allows to manually edit and send messages.
requester 7.5.0 beta Surikato and the ZAP Dev Team 2024-03-25
Retest Repository Download SBOM
An add-on to retest for presence/absence of previously generated alerts.
retest 0.8.0 alpha ZAP Dev Team 2023-10-12
Retire.js Repository Download SBOM
Retire.js
retire 0.33.0 release Nikita Mundhada and the ZAP Dev Team 2024-03-21
Reveal Repository Download SBOM
Show hidden fields and enable disabled fields
reveal 7 release ZAP Dev Team 2023-10-12
Revisit Repository Download SBOM
Revisit a site at any time in the past using the session history
revisit 5 alpha ZAP Dev Team 2023-10-23
Ruby Scripting Repository Download
Allows Ruby to be used for ZAP scripting - templates included
jruby 8 beta ZAP Dev Team 2021-10-07
SAML Support Repository Download
Detect, Show, Edit, Fuzz SAML requests
saml 10 alpha ZAP Dev Team 2022-10-28
Script Console Repository Download SBOM
Supports all JSR 223 scripting languages
scripts 45.1.0 release ZAP Dev Team 2024-03-25
Selenium Repository Download SBOM
WebDriver provider and includes HtmlUnit browser
selenium 15.19.0 release ZAP Dev Team 2024-02-22
Sequence Repository Download SBOM
Gives the possibility of defining a sequence of requests to be scanned.
sequence 7 alpha ZAP Dev Team 2023-10-23
Server-Sent Events Repository Download
Allows you to view Server-Sent Events (SSE) communication.
sse 12 alpha ZAP Dev Team 2022-10-28
SOAP Support Repository Download SBOM
Imports and scans WSDL files containing SOAP endpoints.
soap 22 beta Alberto (albertov91) + ZAP Dev Team 2024-03-25
Spider Repository Download SBOM
Spider used for automatically finding URIs on a site.
spider 0.10.0 release ZAP Dev Team 2024-02-12
SVN Digger Files Repository Download
SVN Digger files which can be used with ZAP forced browsing
svndigger 4 release ZAP Dev Team 2021-10-07
Tips and Tricks Repository Download SBOM
Display ZAP Tips and Tricks
tips 12 beta ZAP Dev Team 2023-10-12
Token Generation and Analysis Repository Download
Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection
tokengen 15 beta ZAP Dev Team 2021-10-07
TreeTools Repository Download
Tools to add functionality to the tree view.
treetools 8 beta Carl Sampson 2021-10-07
Value Generator Repository Download SBOM
This Value Generator Add-on allows a user to define field names and values to be used when submitting values to an app. Fields can be added, modified, enabled/disabled, and deleted.
formhandler 6.5.0 beta ZAP Dev Team 2023-10-12
ViewState Repository Download
ASP/JSF ViewState Decoder and Editor
viewstate 3 alpha Calum Hutton 2021-10-07
Wappalyzer - Technology Detection Repository Download SBOM
Technology detection using Wappalyzer: wappalyzer.com
wappalyzer 21.32.0 release ZAP Dev Team 2024-03-04
WebSockets Repository Download SBOM
Allows you to inspect WebSocket communication.
websocket 30 release ZAP Dev Team 2023-10-12
Windows WebDrivers Repository Download SBOM
Windows WebDrivers for Firefox and Chrome.
webdriverwindows 76 release ZAP Dev Team 2024-03-21
Zest - Graphical Security Scripting Language Repository Download SBOM
A graphical security scripting language, ZAPs macro language on steroids
zest 43 beta ZAP Dev Team 2023-12-19