Download

Software Bill of Materials

ZAP includes a runtime Software Bill of Materials (SBOM) generated by CycloneDX for both the ZAP core and all of the add-ons maintained by the ZAP team. Each SBOM will appear as a file called “bom.json” included at the root of the ZAP JARs.

Runtime SBOMs for the ZAP core and the add-ons you have installed can be accessed in ZAP as per the Software Bill of Materials help page.

Note that SBOMs may not be available if you run ZAP from the source code, and some 3rd party add-ons may also not define them.

The full set of available build time add-on SBOMs are:

Name Components
Access Control Testing Add-on SBOM 119
Active scanner rules (alpha) Add-on SBOM 119
Active scanner rules (beta) Add-on SBOM 143
Active scanner rules Add-on SBOM 145
Ajax Spider Add-on SBOM 198
Alert Filters Add-on SBOM 120
Authentication Helper Add-on SBOM 194
Automation Framework Add-on SBOM 119
Call Home Add-on SBOM 106
Client Side Integration Add-on SBOM 185
Common Library Add-on SBOM 118
Custom Payloads Add-on SBOM 105
Database Add-on SBOM 115
Dev Add-on Add-on SBOM 98
Diff Add-on SBOM 64
Directory List v1.0 Add-on SBOM 63
DOM XSS Active scanner rule Add-on SBOM 196
Encoder Add-on SBOM 105
Forced Browse Add-on SBOM 118
Fuzzer Add-on SBOM 123
Getting Started with ZAP Guide Add-on SBOM 63
GraalVM JavaScript Add-on SBOM 132
GraphQL Support Add-on SBOM 138
Groovy Support Add-on SBOM 165
Image Location and Privacy Scanner Add-on SBOM 121
Import/Export Add-on SBOM 120
Invoke Applications Add-on SBOM 63
Linux WebDrivers Add-on SBOM 121
MacOS WebDrivers Add-on SBOM 121
Network Add-on SBOM 101
OAST Support Add-on SBOM 129
Online menus Add-on SBOM 63
OpenAPI Support Add-on SBOM 182
Passive scanner rules (alpha) Add-on SBOM 120
Passive scanner rules (beta) Add-on SBOM 120
Passive scanner rules Add-on SBOM 122
Postman Support Add-on SBOM 120
Python Scripting Add-on SBOM 120
Quick Start Add-on SBOM 205
Replacer Add-on SBOM 124
Report Generation Add-on SBOM 134
Requester Add-on SBOM 119
Retest Add-on SBOM 120
Retire.js Add-on SBOM 119
Reveal Add-on SBOM 63
Revisit Add-on SBOM 63
Script Console Add-on SBOM 120
Selenium Add-on SBOM 177
Sequence Add-on SBOM 63
SOAP Support Add-on SBOM 147
Spider Add-on SBOM 132
Tips and Tricks Add-on SBOM 63
Value Generator Add-on SBOM 105
Wappalyzer - Technology Detection Add-on SBOM 123
WebSockets Add-on SBOM 125
Windows WebDrivers Add-on SBOM 121
Zest - Graphical Security Scripting Language Add-on SBOM 197