Third Party Products and Services

Third Party Products and Services which use or integrate with ZAP.
Note that these are not endorsed by the ZAP team.

Services (Supportive)

Services that use ZAP, and have either supported ZAP or are open source.

Jit Commercial
ZAP Supporter
SOOS Commercial
ZAP Supporter
Astra Commercial
ZAP Supporter
DeepFactor Commercial, free community edition
ZAP Supporter
Tecvity Software Services Provider
ZAP Supporter
HostedScan Commercial, free option
ZAP Supporter
Intruder Commercial
ZAP Supporter
IOTHREAT Commercial
ZAP Supporter
Probely Commercial, free option
ZAP Supporter
StackHawk Commercial, free option
ZAP Supporter
SecureCodeBox Free, open source OWASP Tool
ArcherySec Free, open source
DAST Operator Free, open source
Ostorlab Free, open source
Rekono Free, open source
RedHat RapiDAST Free, open source
SecHub Free, open source
PurpleTeam-Labs Commercial, free option, open source OWASP Tool
Alertflex Commercial, free community edition, open source
BDD Security Free, open source No longer maintained?
Microsoft RAFT Free, open source No longer maintained
Seccubus Free, open source No longer maintained?


Products and services that can import ZAP results.

ThreadFix Commercial
ZAP Supporter
DefectDojo Free, open source OWASP Tool
Dradis Open source community edition
Faraday Open source community edition
Sn1per Open source community edition
AppSec Phoenix Commercial, free option
Harness Commercial, free option
Uleska Commercial, free option
ArmorCode Commercial
Edgescan Commercial
Kondukto Commercial
Nucleus Commercial
PlexTrac Commercial
Riscosity Commercial
Sn1per Pro Commercial
Strobes Security Commercial
Virtuoso Commercial
Lombiq UI Testing Toolbox for Orchard Core Free, open source UI testing library for the ASP.NET Core web CMS and framework Orchard Core (


ZAP related training courses.

The XSS Rat Fully FREE @OWASP ZAP Course
AppSec Engineer DAST Automation with OWASP ZAP
Coursera Web Application Security Testing with OWASP ZAP
Cycubix Web Application Security Essentials
Cybrary OWASP ZAP Tool
Eduonix PenTesting with OWASP ZAP: mastery course
Everable Automated DAST in CI/CD using OWASP ZAP
Pluralsight ZAP Getting Started Course
Pluralsight Automate Web Application Scans with OWASP ZAP and Python
Pluralsight Writing Custom Scripts for OWASP Zed Attack Proxy
TCM Security Practical Web Application Security Testing
Udemy OWASP ZAP From Scratch


Books that significantly feature ZAP. Zed Attack Proxy Cookbook OWASP ZAP: GitHub Actions

Services (Unsupportive)

Services that use ZAP, but are closed source and do not support ZAP in any way. If you use these services please ask the companies behind them how they plan to support the ZAP project!

Aikido Commercial, free option
Cyber Tzar Commercial, free option
Idyllum Commercial, free option Commercial, free option
PatrOwl Commercial, free for open source projects Commercial, free option
Blacklock Commercial
Checkmarx DAST Commercial
GitLab Commercial
Forward Security Commercial
NamicSoft Commercial
Scan Factory Commercial
Traceable Commercial