Top Level Toolbar

This toolbar provides a set of controls for commonly used functionality.

Mode pulldown

This allows you to change the current mode.

New Session

This button is the same as the File menu ‘New Session’ menu item.

Open Session

This button is the same as the File menu ‘Open Session’ menu item.

Persist Session…

This button is the same as the File menu ‘Persist Session…’ menu item.

📷 Snapshot Session

This button is the same as the File menu ‘Snapshot Session’ menu item.

Session Properties…

This button is the same as the File menu ‘Properties…’ menu item.

Options…

This button is the same as the Tools menu ‘Options…’ menu item.

Show all tabs

This button reveals all of the hidden tabs.

Hide unpinned tabs

This button hides all of the tabs that are ‘unpinned’. Tabs can be pinned and unpinned via the small ‘pin’ icon that is shown when the tab is selected.

Show tab names and icons

This button toggles the displaying of the tab names.

Expand Sites Tab

This changes the display so that the ‘tree’ window containing the Sites tab extends for the full length of the left hand side.
This will reduce the amount of space available to the ‘information’ window.

Expand Information Tabs

This changes the display so that the ‘information’ window extends for the full length of the bottom.
This will reduce the amount of space available to the ‘tree’ window.

Full Layout

This changes the display so that the selected tab takes up the full screen.
This is useful when using ZAP on small screens.

Request and Response tabs side by side

This changes the display so that the request and response tabs are side by side.
This increases the information that can be displayed but means you cannot see both the request and response at the same time.

Request and Response panels side by side in the same tab

This changes the display so that the request and response panels are shown side by side in the same tab.
This decreases the information that can be displayed but means you can see both the request and response at the same time.

Request shown above Response

This changes the display so that the request panel is shown above the response panel.
This decreases the information that can be displayed but means you can see both the request and response at the same time.

Request and Response panels side by side

This changes the display so that the request panel is shown to the left of the response panel.
This decreases the information that can be displayed but means you can see both the request and response at the same time.

/ Set / Unset break on all requests and responses

This sets and unsets a ‘global’ breakpoint that will trap and display the next request or response in the Break tab.
You can then change any part of the request or response that you want to and send it to the target application by pressing either of the ‘Step’ or ‘Continue’ buttons.
Alternatively you can press the ‘Drop’ button to dispose of the request or response.
You can switch between a single ‘combined’ break button and separates ones for requests and responses via the Options breakpoints screen

/ Set / Unset break on all requests

This sets and unsets a ‘global’ breakpoint that will trap and display the next request in the Break tab.
You can then change any part of the request that you want to and send it to the target application by pressing either of the ‘Step’ or ‘Continue’ buttons.
Alternatively you can press the ‘Drop’ button to dispose of the request.
You can switch between a single ‘combined’ break button and separates ones for requests and responses via the Options breakpoints screen

/ Set / Unset break on all responses

This sets and unsets a ‘global’ breakpoint that will trap and display the next response in the Break tab.
You can then change any part of the response that you want to and send it to your browser by pressing either of the ‘Step’ or ‘Continue’ buttons.
Alternatively you can press the ‘Drop’ button to dispose of the request.
You can switch between a single ‘combined’ break button and separates ones for requests and responses via the Options breakpoints screen

Step

This allows the trapped request or response to continue to the application or your browser with any changes that you have made to it.
The ‘global’ breakpoint will remain set so that the next request or response will also be caught.
This button is only enabled when a request or response is trapped.

Continue

The ‘global’ breakpoint will be unset so that subsequent requests and responses will no longer be caught by ZAP unless you have set breakpoints on specific URLs.
This button is only enabled when a request or response is trapped.

Drop

This drops the trapped request or response so that it is not passed on to the application or your browser.
This button is only enabled when a request or response is trapped.

Add a custom HTTP breakpoint

This displays the Add breakpoint dialog which allows you to specify the criteria for a breakpoint.

Scan Policy Manager…

Shows the Scan Policy Manager dialog which allows configuration of scan policies.

Manage Add-ons

This shows the Manage Add-ons dialog which allows you to discover, install and update add-ons from the online marketplace.
It also allows you to uninstall add-ons.

/ Forced User Mode On / Off

This switches forced user mode on and off.
The button is only enabled when you have defined a forced user for at least one context, which can be done via the Session Contexts dialog.

Note that add-ons can add additional buttons.

See also

The user interface overview

Getting Started for details of how to start using ZAP
Dialogs for details of the dialogs or popups
Introduction the introduction to ZAP