Home
This project contains add-ons for the Zed Attack Proxy (ZAP).
If you are using the latest version of ZAP then you can browse and download add-ons from within ZAP by clicking on this button in the toolbar:
You can also import add-ons you have downloaded manually via the "File / Load Add-on File..." menu option.
This project also contains example templates to help you get started when developing new ZAP add-ons.
For a summary of the ways you can extend ZAP see https://github.com/zaproxy/zaproxy/wiki/DevExtending
For some general notes on developing ZAP see the wiki
If you have any questions about developing add-ons for ZAP please ask them on the ZAP Developer forum.
We are happy to host the source code and/or release jars for your ZAP add-ons in this project - please get in touch via the ZAP Developer forum.
- Introduction
-
2.0 Add-ons
- Add-ons: Release
- Add-ons: Beta
-
Add-ons: Alpha
-
Active Scan Rules - alpha
-
Access Control Testing
-
All In One Notes
-
Authentication Statistics
- Browser View
- Bug Tracker
-
Code Dx
-
Community Scripts
- Custom Payloads
- Custom Report
- DOM XSS Active Scan Rule
- Export Report
-
Form Handler
-
Groovy Scripting
-
HTTPS Info Add-on
-
Open API Specification Support
-
Passive Scan Rules - alpha
-
Replacer
-
Revisit
-
Server-Sent Events
-
Sequence Scanner
-
Simple Example
-
SOAP Scanner
-
SNI Terminator
-
Technology Detection
-
TLS Debug
-
- Add-on Development
- Add-on Structure
- Add-on Debugging
- Examples
- Upgrade
- Code Structure
- 1.4 Add-ons
(This is work in progress;)