Third Party Products and Services which use or integrate with ZAP.
Note that these are not endorsed by either OWASP or the ZAP team.
Services
Services that use ZAP.
![]() |
Commercial | ZAP Platinum Supporter |
![]() |
Commercial | ZAP Silver Supporter |
![]() |
Commercial | ZAP Silver Supporter |
![]() |
Commercial, free community edition | ZAP Silver Supporter |
![]() |
Commercial, free option | ZAP Silver Supporter |
Intruder | Commercial | ZAP Bronze Supporter |
IOTHREAT | Commercial | ZAP Bronze Supporter |
StackHawk | Commercial, free option | ZAP Bronze Supporter |
SecureCodeBox | Free, open source | OWASP Tool |
ArcherySec | Free, open source | |
DAST Operator | Free, open source | |
Ostorlab | Free, open source | |
Rekono | Free, open source | |
RedHat RapiDAST | Free, open source | |
SecHub | Free, open source | |
PurpleTeam-Labs | Commercial, free option, open source | OWASP Tool |
Alertflex | Commercial, free community edition, open source | |
Cyber Tzar | Commercial, free option | |
Idyllum | Commercial, free option | |
Levo.ai | Commercial, free option | |
PatrOwl | Commercial, free for open source projects | |
Probely | Commercial, free option | |
Sken.ai | Commercial, free option | |
Blacklock | Commercial | |
GitLab | Commercial | |
NamicSoft | Commercial | |
Nucleus | Commercial | |
Scan Factory | Commercial | |
BDD Security | Free, open source | No longer maintained? |
Microsoft RAFT | Free, open source | No longer maintained |
Seccubus | Free, open source | No longer maintained? |
Integrations
Products and services that can import ZAP results.
![]() |
Commercial | ZAP Silver Supporter |
Faraday | Open source community edition | ZAP Bronze Supporter |
DefectDojo | Free, open source | OWASP Tool |
Dradis | Open source community edition | |
Sn1per | Open source community edition | |
AppSec Phoenix | Commercial, free option | |
Uleska | Commercial, free option | |
ArmorCode | Commercial | |
Edgescan | Commercial | |
Kondukto | Commercial | |
Sn1per Pro | Commercial | |
Strobes Security | Commercial | |
Virtuoso | Commercial |
Training
ZAP related training courses.
The XSS Rat | Fully FREE @OWASP ZAP Course | |
AppSec Engineer | DAST Automation with OWASP ZAP | |
Coursera | Web Application Security Testing with OWASP ZAP | |
Cycubix | Web Application Security Essentials | |
Cybrary | OWASP ZAP Tool | |
Eduonix | PenTesting with OWASP ZAP: mastery course | |
Everable | Automated DAST in CI/CD using OWASP ZAP | |
Pluralsight | ZAP Getting Started Course | |
Pluralsight | Automate Web Application Scans with OWASP ZAP and Python | |
Pluralsight | Writing Custom Scripts for OWASP Zed Attack Proxy | |
TCM Security | Practical Web Application Security Testing | |
Udemy | OWASP ZAP From Scratch |
Books
Books that significantly feature ZAP.
Amazon.com | Zed Attack Proxy Cookbook | |
Amazon.co.jp | OWASP ZAP: GitHub Actions |