2022 was an eventful year for ZAP, and mostly a very successful one.
- Published 1 major release
- Published more than 200 add-on releases
- Took part in 1 online conference
- Reached 10,000 GitHub stars
- Were confirmed as a GitHub Top 1000 project
According to Open Hub we had a total of 2528 commits across the 4 main repos thanks to 63 contributors.
- Number of Times ZAP was Started: 14 Million
- Number of Active Scans: 9 Million
- Number of Alerts Raised: 5.6 Billion
- Number of Active Scan Messages Sent: 15 Billion
This website has seen a steady stream of new content throughout the year.
- In January we started strongly with an all new and very comprehensive Contributing Guide.
- In February we added the Mission Statement and Core Team pages.
- In March we added many more Statistics and the Test Scans page where you can see how well ZAP does against a growing set of vulnerable apps. To date we are not aware of any other web scanner that published this information.
- The Burp to ZAP Feature Map was added in April.
- July saw us add the Constants page to help anyone using the ZAP API and scripts as well as the start of the ZAP History pages.
- The Roadmap was added in September, the same month we started publishing monthly updates.
- And over the year we published 21 Blog Posts.
In February we announced the new ZAP networking layer.
This was a major change to the ZAP networking stack but one that was necessary in order to support more modern protocols. Significant work continued on the networking code throughout 2022.
This has culminated in full support for HTTP/2 in the latest weekly releases.
ZAPCon was held on March 8th-9th and was very successful. Over 5 thousand people registered and all of the videos are available online.
It is a shame that due to subsequent events this is likely to be the last such event for the foreseeable future.
In June we lost our previous Platinum sponsor and I asked the community for help funding ZAP development.
I was blown away by the responses and was in the very fortunate position to receive a significant number of very generous offers of support.
This was a major release for us and included:
- The new networking add-on
- Migration of the standard spider to an add-on
- Multi-threaded Passive Scanner
- Bit.ly telemetry removal
- Scan rule promotions
- Dependency updates
- New add-ons
- Desktop HTML injection fix
We have only just released ZAP 2.12.0 … but we are actually planning to release ZAP 2.13.0 in the relatively near future!
Stay tuned for more announcements about this surprise release soon 😁.
Thank you to everyone who has contributed to ZAP in any way, and wishing you all a successful and secure 2023!