This toolbar provides a set of controls for commonly used functionality.
This allows you to change the current mode.
 New Session
 New Session This button is the same as the File menu ‘New Session’ menu item.
 Open Session
 Open Session This button is the same as the File menu ‘Open Session’ menu item.
 Persist Session…
 Persist Session… This button is the same as the File menu ‘Persist Session…’ menu item.
This button is the same as the File menu ‘Snapshot Session’ menu item.
 Session Properties…
 Session Properties… This button is the same as the File menu ‘Properties…’ menu item.
 Options…
 Options… This button is the same as the Tools menu ‘Options…’ menu item.
 Dynamically switch the Look and Feel
 Dynamically switch the Look and Feel This allows you to dynamically switch the Look and Feel which defines the appearance of the ZAP Desktop UI and includes support for ‘Dark Modes’.
 Show all tabs
 Show all tabs This button reveals all of the hidden tabs.
 Hide unpinned tabs
 Hide unpinned tabs This button hides all of the tabs that are ‘unpinned’. Tabs can be pinned and unpinned via the small ‘pin’ icon that is shown when the tab is selected.
 Show Tab Names and Icons
 Show Tab Names and Icons This button toggles the displaying of the tab names.
 Expand Sites Tab
 Expand Sites Tab This changes the display so that the ’tree’ window containing the Sites tab extends for the full length of the left hand side.
This will reduce the amount of space available to the ‘information’ window.
 Expand Information Tabs
 Expand Information Tabs This changes the display so that the ‘information’ window extends for the full length of the bottom.
This will reduce the amount of space available to the ’tree’ window.
 Full Layout
 Full Layout This changes the display so that the selected tab takes up the full screen.
This is useful when using ZAP on small screens.
 Request and Response Tabs Side by Side
 Request and Response Tabs Side by Side This changes the display so that the request and response tabs are side by side.
This increases the information that can be displayed but means you cannot see both the request and response at the same time.
 Request and Response Panels Side by Side in the Same Tab
 Request and Response Panels Side by Side in the Same Tab This changes the display so that the request and response panels are shown side by side in the same tab.
This decreases the information that can be displayed but means you can see both the request and response at the same time.
 Request Shown above Response
 Request Shown above Response This changes the display so that the request panel is shown above the response panel.
This decreases the information that can be displayed but means you can see both the request and response at the same time.
 Request and Response Panels Side by Side
 Request and Response Panels Side by Side This changes the display so that the request panel is shown to the left of the response panel.
This decreases the information that can be displayed but means you can see both the request and response at the same time.
 /
 /  Set / Unset Break on All Requests and Responses
 Set / Unset Break on All Requests and Responses This sets and unsets a ‘global’ breakpoint that will trap and display the next request or response in the Break tab.
You can then change any part of the request or response that you want to and send it to the target application by pressing either of the ‘Step’ or ‘Continue’ buttons.
Alternatively you can press the ‘Drop’ button to dispose of the request or response.
You can switch between a single ‘combined’ break button and separates ones for requests and responses via the Options breakpoints screen
 /
 /  Set / Unset Break on All Requests
 Set / Unset Break on All Requests This sets and unsets a ‘global’ breakpoint that will trap and display the next request in the Break tab.
You can then change any part of the request that you want to and send it to the target application by pressing either of the ‘Step’ or ‘Continue’ buttons.
Alternatively you can press the ‘Drop’ button to dispose of the request.
You can switch between a single ‘combined’ break button and separates ones for requests and responses via the Options breakpoints screen
 /
 /  Set / Unset break on all responses
 Set / Unset break on all responses This sets and unsets a ‘global’ breakpoint that will trap and display the next response in the Break tab.
You can then change any part of the response that you want to and send it to your browser by pressing either of the ‘Step’ or ‘Continue’ buttons.
Alternatively you can press the ‘Drop’ button to dispose of the request.
You can switch between a single ‘combined’ break button and separates ones for requests and responses via the Options breakpoints screen
 Step
 Step This allows the trapped request or response to continue to the application or your browser with any changes that you have made to it.
The ‘global’ breakpoint will remain set so that the next request or response will also be caught.
This button is only enabled when a request or response is trapped.
 Continue
 Continue The ‘global’ breakpoint will be unset so that subsequent requests and responses will no longer be caught by ZAP unless you have set breakpoints on specific URLs.
This button is only enabled when a request or response is trapped.
 Drop
 Drop This drops the trapped request or response so that it is not passed on to the application or your browser.
This button is only enabled when a request or response is trapped.
 Add a custom HTTP breakpoint
 Add a custom HTTP breakpoint This displays the Add breakpoint dialog which allows you to specify the criteria for a breakpoint.
 Scan Policy Manager…
 Scan Policy Manager… Shows the Scan Policy Manager dialog which allows configuration of scan policies.
 Manage Add-ons
 Manage Add-ons This shows the Manage Add-ons dialog which allows you to discover, install and update add-ons from the online marketplace.
It also allows you to uninstall add-ons.
 /
 /  Forced User Mode On / Off
 Forced User Mode On / Off This switches forced user mode on and off.
The button is only enabled when you have defined a forced user for at least one context, which can be done via the Session Contexts dialog.
Note that add-ons can add additional buttons.
| Getting Started | for details of how to start using ZAP | |
| Dialogs | for details of the dialogs or popups | |
| Introduction | the introduction to ZAP |