Download

Software Bill of Materials

ZAP includes a runtime Software Bill of Materials (SBOM) generated by CycloneDX for both the ZAP core and all of the add-ons maintained by the ZAP team. Each SBOM will appear as a file called “bom.json” included at the root of the ZAP JARs.

Runtime SBOMs for the ZAP core and the add-ons you have installed can be accessed in ZAP as per the Software Bill of Materials help page.

Note that SBOMs may not be available if you run ZAP from the source code, and some 3rd party add-ons may also not define them.

The full set of available build time add-on SBOMs are:

Name Components
Access Control Testing Add-on SBOM 134
Active scanner rules (alpha) Add-on SBOM 152
Active scanner rules (beta) Add-on SBOM 165
Active scanner rules Add-on SBOM 167
Advanced SQLInjection Scanner Add-on SBOM 83
Ajax Spider Add-on SBOM 199
Alert Filters Add-on SBOM 136
Authentication Helper Add-on SBOM 255
Automation Framework Add-on SBOM 134
Call Home Add-on SBOM 120
Client Side Integration Add-on SBOM 187
Common Library Add-on SBOM 133
Custom Payloads Add-on SBOM 134
Database Add-on SBOM 135
Dev Add-on Add-on SBOM 129
Diff Add-on SBOM 87
Directory List v1.0 Add-on SBOM 65
DOM XSS Active scanner rule Add-on SBOM 191
Encoder Add-on SBOM 134
Eval Villain Add-on SBOM 61
Forced Browse Add-on SBOM 134
Foxhound ZAP Add-on Add-on SBOM 192
FuzzAI Files Add-on SBOM 60
Fuzzer Add-on SBOM 133
Getting Started with ZAP Guide Add-on SBOM 72
GraalVM JavaScript Add-on SBOM 153
GraphQL Support Add-on SBOM 157
Groovy Support Add-on SBOM 194
gRPC Support Add-on SBOM 134
Image Location and Privacy Scanner Add-on SBOM 131
Import/Export Add-on SBOM 139
Insights Add-on SBOM 167
Invoke Applications Add-on SBOM 86
Linux WebDrivers Add-on SBOM 72
macOS WebDrivers Add-on SBOM 72
Network Add-on SBOM 115
OAST Support Add-on SBOM 167
Online menus Add-on SBOM 72
OpenAPI Support Add-on SBOM 191
Parameter Digger Add-on SBOM 118
Passive Scanner Add-on SBOM 135
Passive scanner rules (alpha) Add-on SBOM 135
Passive scanner rules (beta) Add-on SBOM 135
Passive scanner rules Add-on SBOM 137
Postman Support Add-on SBOM 135
Python Scripting Add-on SBOM 120
Quick Start Add-on SBOM 219
Replacer Add-on SBOM 135
Report Generation Add-on SBOM 168
Requester Add-on SBOM 134
Retest Add-on SBOM 124
Retire.js Add-on SBOM 130
Reveal Add-on SBOM 114
Revisit Add-on SBOM 66
SAML Support Add-on SBOM 79
Scan Policies Add-on SBOM 72
Script Console Add-on SBOM 136
Selenium Add-on SBOM 181
Sequence Add-on SBOM 197
Server-Sent Events Add-on SBOM 107
SOAP Support Add-on SBOM 163
Spider Add-on SBOM 148
Technology Detection Add-on SBOM 139
Tips and Tricks Add-on SBOM 72
Token Generation and Analysis Add-on SBOM 120
Value Generator Add-on SBOM 134
WebSockets Add-on SBOM 140
Windows WebDrivers Add-on SBOM 72
Zest - Graphical Security Scripting Language Add-on SBOM 191