2.14.0
D-2024-04-29
https://github.com/zaproxy/zaproxy/releases/download/w2024-04-29/ZAP_WEEKLY_D-2024-04-29.zip
ZAP_WEEKLY_D-2024-04-29.zip
SHA-256:0b6046c59262082c61d0193a593ae69795fb0179fd838aa5f4c5a4def529d3a4
278080226
https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2_14_0_windows-x32.exe
ZAP_2_14_0_windows-x32.exe
SHA-256:5dae52e27da12fba5115e40ebc0cd2da24f6d9ba91608a7b0b7b254984a0b798
220967424
https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2_14_0_windows.exe
ZAP_2_14_0_windows.exe
SHA-256:df49ffbd14cf82cde5ac06902615e40cbfce1576f866436366708c0845eb9ec6
221097472
https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2.14.0_Linux.tar.gz
ZAP_2.14.0_Linux.tar.gz
SHA-256:219d7f25bbe25247713805ab02cc12279898c870743c1aae3c2b0b1882191960
215142045
https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2.14.0.dmg
ZAP_2.14.0.dmg
SHA-256:3b9862a647b1c5c26d6917f2316113dfaceac06bdb79ad3f2c96e0cbd73861f7
244671708
Bug fix and enhancement release.
https://www.zaproxy.org/docs/desktop/releases/2.14.0/
accessControl
Access Control Testing
Adds a set of tools for testing access control in web applications.
ZAP Dev Team
10
accessControl-alpha-10.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
<li>Link website alert pages and help (Issues 8189).</li>
<li>The results table now presents the same context menu as other similar tables (History, Search, etc) facilitating copying URLs, etc (Issue 8356).</li>
<li>Now has a table export button (Issue 8356).</li>
<li>Adjusted some labels/titles to use title caps (Issue 2000 & 8356).</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Now uses the General Font (Issue 8356), as set in the Display options.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/accessControl-v10/accessControl-alpha-10.zap
SHA-256:8e068a789650cd31a5a4592cf57af3dbcb04b98f6fcd20bf752889c3843cbce8
https://www.zaproxy.org/docs/desktop/addons/access-control-testing/
https://github.com/zaproxy/zap-extensions/
2024-03-25
597028
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
alertFilters
Alert Filters
Allows you to automate the changing of alert risk levels.
ZAP Dev Team
20
alertFilters-release-20.zap
release
<h3>Added</h3>
<ul>
<li>Video link in help for Automation Framework job.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Reword label in the automation job to prevent any confusion between the Alert Filters and the Alerts.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/alertFilters-v20/alertFilters-release-20.zap
SHA-256:c4d8b0590f17b16c1eb0fcab877220bcec6ca396323d5ff23c25daa84788d335
https://www.zaproxy.org/docs/desktop/addons/alert-filters/
https://github.com/zaproxy/zap-extensions/
2024-04-02
561146
2.14.0
allinonenotes
All In One Notes
A simple extension to view all notes in one pane.
David Vassallo
2
allinonenotes-alpha-2.zap
alpha
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Update link to repository.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/allinonenotes-v2/allinonenotes-alpha-2.zap
SHA-256:9e70d6e76b72692e9c0cb64002a692b710710e688ea2d8834818086300632d2a
https://www.zaproxy.org/docs/desktop/addons/all-in-one-notes/
https://github.com/zaproxy/zap-extensions/
2021-10-07
249532
2.11.0
ascanrules
Active scanner rules
The release status Active Scanner rules
ZAP Dev Team
65
ascanrules-release-65.zap
release
<h3>Changed</h3>
<ul>
<li>Change link to use HTTPS in other info of SQL Injection - SQLite (Issue 8262).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/ascanrules-v65/ascanrules-release-65.zap
SHA-256:84b91ad0dc613838ab57b5f78fb091d63026cef77c2bf223ea68e97fa05b4181
https://www.zaproxy.org/docs/desktop/addons/active-scan-rules/
https://github.com/zaproxy/zap-extensions/
2024-03-28
3281175
2.14.0
commonlib
>= 1.21.0 & < 2.0.0
network
>= 0.3.0
oast
>= 0.7.0
ascanrulesAlpha
Active scanner rules (alpha)
The alpha status Active Scanner rules
ZAP Dev Team
47
ascanrulesAlpha-alpha-47.zap
alpha
<h3>Changed</h3>
<ul>
<li>References for the LDAP Injection scan rule's Alerts were updated (Issue 8262).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesAlpha-v47/ascanrulesAlpha-alpha-47.zap
SHA-256:a526c2f7b7e38153440a8f8c96a9c7a3343aa43cd9a3018ff15762e0e9fb79c8
https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-alpha/
https://github.com/zaproxy/zap-extensions/
2024-03-28
394839
2.14.0
commonlib
>= 1.22.0 & < 2.0.0
ascanrulesBeta
Active scanner rules (beta)
The beta status Active Scanner rules
ZAP Dev Team
53
ascanrulesBeta-beta-53.zap
beta
<h3>Changed</h3>
<ul>
<li>Change links to use HTTPS in other info of Insecure HTTP Method (Issue 8262).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesBeta-v53/ascanrulesBeta-beta-53.zap
SHA-256:719db8dba4c3f3bec0360e55c46105910fb44aa6c1b97eb6ac00277a0a8c5151
https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-beta/
https://github.com/zaproxy/zap-extensions/
2024-03-28
1743045
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
database
>= 0.1.0
network
>= 0.3.0
oast
>= 0.7.0
attacksurfacedetector
Attack Surface Detector
The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing.
Secure Decisions (Matthew DeLetto)
1.1.4
attacksurfacedetector-alpha-1.1.4.zap
alpha
Various incremental changes (see https://github.com/secdec/attack-surface-detector-zap/releases)<br>
Fix un-handled exception when target unavailable & address various "house keeping" tasks.<br>
https://github.com/zaproxy/zap-extensions/releases/download/2.7/attacksurfacedetector-alpha-1.1.4.zap
SHA1:e21758c2cdcbc7806f44cc986a88360457eff82e
https://github.com/secdec/attack-surface-detector-zap/wiki
https://github.com/secdec/attack-surface-detector-zap/
2019-03-07
15604948
2.7.0
authhelper
Authentication Helper
Helps identify and set up authentication handling
ZAP Dev Team
0.12.0
authhelper-beta-0.12.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Handle traditional apps better in authentication detection dialog.</li>
<li>Make cookies set in auth request available to header based session management.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Correct HTTP field names shown in diagnostic data.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/authhelper-v0.12.0/authhelper-beta-0.12.0.zap
SHA-256:ad7f6f0e1a03dbda503603660224e66b3fca88438ccfe28a818140442af9a934
https://www.zaproxy.org/docs/desktop/addons/authentication-helper/
https://github.com/zaproxy/zap-extensions/
2024-02-06
812379
2.14.0
commonlib
>= 1.13.0 & < 2.0.0
network
>=0.6.0
selenium
15.*
authstats
Authentication Statistics
Records logged in/out statistics for all contexts in scope.
ZAP Dev Team
2
authstats-alpha-2.zap
alpha
<h3>Added</h3>
<ul>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Dynamically unload the add-on.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/authstats-v2/authstats-alpha-2.zap
SHA-256:cfb604c27f3a7a58e7b5aa55fe9f19a9ce5561fab3ef7d3f6c72845671fb5dcf
https://www.zaproxy.org/docs/desktop/addons/authentication-statistics/
https://github.com/zaproxy/zap-extensions/
2021-10-07
247499
2.11.0
automation
Automation Framework
Automation Framework.
ZAP Dev Team
0.39.0
automation-beta-0.39.0.zap
beta
<h3>Added</h3>
<ul>
<li>Allow reports to know the number of Sites tree nodes actively scanned (Issue 7022).</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Allow to run remote plans through the command line.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/automation-v0.39.0/automation-beta-0.39.0.zap
SHA-256:85656d58e2a26cbc973273cd76c3a38313d71b72ac853d6f622a84ac18306a85
https://www.zaproxy.org/docs/desktop/addons/automation-framework/
https://github.com/zaproxy/zap-extensions/
2024-04-23
1751673
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
network
>= 0.15.0 & < 1.0.0
beanshell
BeanShell Console
Provides a BeanShell Console
ZAP Dev Team
7
beanshell-beta-7.zap
beta
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
<li>Improve permissions and space handling when saving.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/beanshell-v7/beanshell-beta-7.zap
SHA-256:0a83cb7d0369ccef50768ccbda1e6c6d82b9f4e3bd9372b38fd32cc21f6a30fb
https://www.zaproxy.org/docs/desktop/addons/bean-shell/
https://github.com/zaproxy/zap-extensions/
2021-10-07
577838
2.11.0
browserView
Browser View
Adds an option to render HTML responses like a browser
ZAP Dev Team
6
browserView-alpha-6.zap
alpha
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.12.0.</li>
<li>Maintenance changes.</li>
<li>Make missing JavaFX logging less verbose in regular use.</li>
<li>Update help with the requirements to use the add-on.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/browserView-v6/browserView-alpha-6.zap
SHA-256:e53cfde3a009a4be2e40c84ac02e05114505160bd2bab6cbb42416ab9a65b16c
https://www.zaproxy.org/docs/desktop/addons/browser-view/
https://github.com/zaproxy/zap-extensions/
2023-03-13
197667
2.12.0
bruteforce
Forced Browse
Forced browsing of files and directories using code from the OWASP DirBuster tool
ZAP Dev Team
15
bruteforce-beta-15.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/bruteforce-v15/bruteforce-beta-15.zap
SHA-256:a3617d40f46d505e811a183a799dad68c758c30f0d2a6a47c6a9a971d4584288
https://www.zaproxy.org/docs/desktop/addons/forced-browse/
https://github.com/zaproxy/zap-extensions/
2023-10-12
553691
2.14.0
commonlib
>= 1.13.0 & < 2.0.0
bugtracker
Bug Tracker
Bug Tracker extension.
ZAP Dev Team
4
bugtracker-alpha-4.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
<li>Dependency updates.</li>
<li>Maintenance changes.</li>
<li>Updated to use PAT not password (https://github.blog/changelog/2021-08-12-git-password-authentication-is-shutting-down/).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/bugtracker-v4/bugtracker-alpha-4.zap
SHA-256:37c57f8e7f4a1608500527ac1831f8b078427f804ea04ad5790a2970e3e1b722
https://www.zaproxy.org/docs/desktop/addons/bug-tracker/
https://github.com/zaproxy/zap-extensions/
2022-09-23
3707425
2.11.1
callgraph
Call Graph
Allows the user to view a call graph of the selected resources
Colm O'Flaherty
5
callgraph-alpha-5.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/callgraph-v5/callgraph-alpha-5.zap
SHA-256:0874ce5aad0c4bbf28f72627a4940759d328396e12b7d6a5596f2e41bf24dc4e
https://www.zaproxy.org/docs/desktop/addons/call-graph/
https://github.com/zaproxy/zap-extensions/
2021-10-07
925930
2.11.0
callhome
Call Home
Handles all of the calls to ZAP services.
ZAP Dev Team
0.11.0
callhome-release-0.11.0.zap
release
<h3>Changed</h3>
<ul>
<li>Add UI stats to telemetry.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/callhome-v0.11.0/callhome-release-0.11.0.zap
SHA-256:8df424debddfc3e2d490c3fee1340ddf0096ad6c7f28196ee3bc4e8e8ab73c0d
https://www.zaproxy.org/docs/desktop/addons/call-home/
https://github.com/zaproxy/zap-extensions/
2024-03-13
322150
2.14.0
client
Client Side Integration
Exposes client (browser) side information in ZAP using Firefox and Chrome extensions.
ZAP Dev Team
0.8.0
client-alpha-0.8.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Updated the Chrome extension to v0.0.8.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/client-v0.8.0/client-alpha-0.8.0.zap
SHA-256:8c732069b6c2b88f2ab985f1ebd0356881bcb5230e9f6a4707b8b63a19064b4d
https://www.zaproxy.org/docs/desktop/addons/client-side-integration/
https://github.com/zaproxy/zap-extensions/
2024-01-16
1607021
2.14.0
commonlib
network
>=0.8.0
selenium
>=15.14.0
codedx
Code Dx Extension
Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server
Code Dx, Inc.
9
codedx-alpha-9.zap
alpha
<h3>Added</h3>
<ul>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Change info URL to link to the site.</li>
<li>Maintenance changes.</li>
<li>Change to no longer rely on core report classes, which are going to be deleted.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/codedx-v9/codedx-alpha-9.zap
SHA-256:767e0a098de281f0bc880b036a5192f26fe0bb014b81227b385a0b63ca570428
https://www.zaproxy.org/docs/desktop/addons/code-dx/
https://github.com/zaproxy/zap-extensions/
2021-10-07
1769797
2.11.0
commonlib
Common Library
A common library, for use by other add-ons.
ZAP Dev Team
1.24.0
commonlib-release-1.24.0.zap
release
<h3>Added</h3>
<ul>
<li>Helper classes for scripts used as scan-rules (Issue 7105).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/commonlib-v1.24.0/commonlib-release-1.24.0.zap
SHA-256:1b7518cf5013dffd4aa52ed590ef90890d0589842526cf958f9a2f05e63335f8
https://www.zaproxy.org/docs/desktop/addons/common-library/
https://github.com/zaproxy/zap-extensions/
2024-04-11
10800667
2.14.0
communityScripts
Community Scripts
Useful ZAP scripts written by the ZAP community.
ZAP Community
18
communityScripts-alpha-18.zap
alpha
<h3>Added</h3>
<ul>
<li>httpsender/RsaSigningForZap.py - A script that signs requests using RSA</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Remove checks for CFU initiator in HTTP Sender scripts and docs, no longer needed.</li>
<li>Rename AWS signing script.</li>
<li>Update descriptions/comments in scripts.</li>
<li>standalone/Open Fortune 500 websites in a browser.zst - Fix typo in <code>http://www,pbfenergy.com</code></li>
</ul>
https://github.com/zaproxy/community-scripts/releases/download/v18/communityScripts-alpha-18.zap
SHA-256:2bc83a772178e32debbdaae6a95b454af1ac8acbc278547856d9a1e39e5a2763
https://www.zaproxy.org/docs/desktop/addons/community-scripts/
https://github.com/zaproxy/community-scripts/
2024-01-29
461243
2.14.0
coreLang
Core Language Files
Translations of the core language files
ZAP Dev Team
15
coreLang-release-15.zap
release
<h3>Changed</h3>
<ul>
<li>Update the languages files from Crowdin.</li>
<li>Update minimum ZAP version to 2.11.1.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/coreLang-v15/coreLang-release-15.zap
SHA-256:d8258b914ffc95820dd045acf56677668a8cbbfc759290f72e30210056dfb88c
https://crowdin.com/project/zaproxy
https://github.com/zaproxy/zap-extensions/
2022-02-14
4616009
2.11.1
custompayloads
Custom Payloads
Ability to add, edit or remove payloads that are used i.e. by active scanners
ZAP Dev Team
0.13.0
custompayloads-beta-0.13.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
<li>Promoted to Beta.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Initial API support:
<ul>
<li>Actions
<ul>
<li>Enable payloads.</li>
<li>Disable payloads.</li>
<li>Enable payload.</li>
<li>Disable payload.</li>
<li>Add payload.</li>
<li>Remove payload.</li>
</ul>
</li>
<li>Views:
<ul>
<li>Payload categories.</li>
<li>Payloads (optionally filtered by category).</li>
</ul>
</li>
</ul>
</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/custompayloads-v0.13.0/custompayloads-beta-0.13.0.zap
SHA-256:07c571e121291980add70fad1b64933382742e93959c7dd470426b4fb111921e
https://www.zaproxy.org/docs/desktop/addons/custom-payloads/
https://github.com/zaproxy/zap-extensions/
2023-11-10
246425
2.14.0
database
Database
Provides database engines and related infrastructure.
ZAP Dev Team
0.3.0
database-alpha-0.3.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/database-v0.3.0/database-alpha-0.3.0.zap
SHA-256:884e2acb9f5069bbd398b07b14cc1880f7a0abf90423d7a651090d43c95d7b6a
https://www.zaproxy.org/docs/desktop/addons/database/
https://github.com/zaproxy/zap-extensions/
2023-10-12
20245848
2.14.0
dev
Dev Add-on
An add-on to help with development of ZAP.
ZAP Dev Team
0.5.0
dev-alpha-0.5.0.zap
alpha
<h3>Added</h3>
<ul>
<li>Auth page which uses header and a cookie set via JavaScript.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/dev-v0.5.0/dev-alpha-0.5.0.zap
SHA-256:182b597916a24f98376b61de7c38220a8eaf525e2721ce352343a4fc79699217
https://www.zaproxy.org/docs/desktop/addons/dev-add-on/
https://github.com/zaproxy/zap-extensions/
2024-01-10
132875
2.14.0
commonlib
>=1.17.0
network
>=0.7.0
diff
Diff
Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch
ZAP Dev Team
14
diff-beta-14.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/diff-v14/diff-beta-14.zap
SHA-256:7c1e6fd14001b74e1a003c042acfd7654ae1de78191f76afb4385fb063330cad
https://www.zaproxy.org/docs/desktop/addons/diff/
https://github.com/zaproxy/zap-extensions/
2023-10-12
289830
2.14.0
directorylistv1
Directory List v1.0
List of directory names to be used with Forced Browse or Fuzzer add-on.
ZAP Dev Team
7
directorylistv1-release-7.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/directorylistv1-v7/directorylistv1-release-7.zap
SHA-256:c5b0426f1a3bf4e23fc715a93f41eaede2f2703fb5b883d01aeeada2c43af7bb
https://www.zaproxy.org/docs/desktop/addons/directory-list-v1.0/
https://github.com/zaproxy/zap-extensions/
2023-10-12
961166
2.14.0
directorylistv2_3
Directory List v2.3
Lists of directory names to be used with Forced Browse or Fuzzer add-on.
ZAP Dev Team
4
directorylistv2_3-release-4.zap
release
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3-v4/directorylistv2_3-release-4.zap
SHA-256:3a8b04b9363b57acd9cf8cd67abce4c630f986e2b492a1ebd01eaa9587a0a199
https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3/
https://github.com/zaproxy/zap-extensions/
2021-10-07
8722229
2.11.0
directorylistv2_3_lc
Directory List v2.3 LC
Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on.
ZAP Dev Team
4
directorylistv2_3_lc-release-4.zap
release
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3_lc-v4/directorylistv2_3_lc-release-4.zap
SHA-256:2603580ba53673c31800ef7373e7cc09de759369b6f8fb43cc9e5024ad5d9af4
https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3-lc/
https://github.com/zaproxy/zap-extensions/
2021-10-07
7569974
2.11.0
domxss
DOM XSS Active scanner rule
DOM XSS Active scanner rule
Aabha Biyani, ZAP Dev Team
18
domxss-release-18.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/domxss-v18/domxss-release-18.zap
SHA-256:cfb43a242f6183f0e8c04166f2e88033550fd8079edde43e5ba92152f6047870
https://www.zaproxy.org/docs/desktop/addons/dom-xss-active-scan-rule/
https://github.com/zaproxy/zap-extensions/
2023-10-12
271733
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
network
>=0.1.0
selenium
>= 15.13.0
encoder
Encoder
Adds encode/decode/hash dialog and support for scripted processors as well
ZAP Dev Team
1.4.0
encoder-release-1.4.0.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/encoder-v1.4.0/encoder-release-1.4.0.zap
SHA-256:d6ee7a21d3113273c603d1c48466b76629dc5a506184dee2c56363b250e262d8
https://www.zaproxy.org/docs/desktop/addons/encode-decode-hash/
https://github.com/zaproxy/zap-extensions/
2023-10-12
470025
2.14.0
evalvillain
Eval Villain
Adds the Eval Villain extension to Firefox when launched from ZAP.
Dennis Goodlett and the ZAP Dev Team
0.3.0
evalvillain-alpha-0.3.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Updated with new version of Eval Villain.</li>
<li>Update minimum ZAP version to 2.13.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/evalvillain-v0.3.0/evalvillain-alpha-0.3.0.zap
SHA-256:ae7013ded7bd1e6b25ba8822c8fb5609ebef8818934bb8ac20b92067af76acb7
https://www.zaproxy.org/docs/desktop/addons/eval-villain/
https://github.com/zaproxy/zap-extensions/
2023-09-26
4944088
2.13.0
selenium
>=15.5.0
exim
Import/Export
Import and Export functionality
ZAP Dev Team & thatsn0tmysite
0.8.0
exim-beta-0.8.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Keep the Export menu items sorted alphabetically.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/exim-v0.8.0/exim-beta-0.8.0.zap
SHA-256:28b10c94fd6b8de4d5b85a757d47f75a3ace0608744ce7b6b84bea26d9e024ec
https://www.zaproxy.org/docs/desktop/addons/import-export/
https://github.com/zaproxy/zap-extensions/
2023-11-10
478370
2.14.0
commonlib
>= 1.19.0 & < 2.0.0
fileupload
FileUpload
Detect File upload requests and scan them to find related vulnerabilities
KSASAN preetkaran20@gmail.com
1.2.1
fileupload-alpha-1.2.1.zap
alpha
https://github.com/zaproxy/zap-extensions/releases/download/2.7/fileupload-alpha-1.2.1.zap
SHA-256:84734320ed04f6e287cc0458897e99e80fe16d632d071e73187e446448b5fa7f
https://www.zaproxy.org/blog/2021-08-20-zap-fileupload-addon/
https://github.com/SasanLabs/owasp-zap-fileupload-addon/
2023-10-23
78272
2.11.0
formhandler
Value Generator
This Value Generator Add-on allows a user to define field names and values to be used when submitting values to an app. Fields can be added, modified, enabled/disabled, and deleted.
ZAP Dev Team
6.5.0
formhandler-beta-6.5.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
<li>Tweak help for proper rendering in the website.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/formhandler-v6.5.0/formhandler-beta-6.5.0.zap
SHA-256:29550071eca41043383b06a1e85dde00fd1a31ffaba6406c320fce22f4667943
https://www.zaproxy.org/docs/desktop/addons/value-generator/
https://github.com/zaproxy/zap-extensions/
2023-10-12
2126661
2.14.0
fuzz
Fuzzer
Advanced fuzzer for manual testing
ZAP Dev Team
13.12.0
fuzz-beta-13.12.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/fuzz-v13.12.0/fuzz-beta-13.12.0.zap
SHA-256:6304093e3112215840b64917b7f2f988c46e3e322f112f4b310eda4caefbe882
https://www.zaproxy.org/docs/desktop/addons/fuzzer/
https://github.com/zaproxy/zap-extensions/
2023-10-12
2030800
2.14.0
commonlib
>= 1.13.0 & < 2.0.0
fuzzdb
FuzzDB Files
FuzzDB files which can be used with the ZAP fuzzer
ZAP Dev Team
9
fuzzdb-release-9.zap
release
<h3>Changed</h3>
<ul>
<li>Updated RAFT lists based on more recent SecLists contributions</li>
<li>Update minimum ZAP version to 2.11.1.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/fuzzdb-v9/fuzzdb-release-9.zap
SHA-256:c79537362cd6b383f447359685e3bd51795600b97ca0c1fadc4ba74828a7d4f4
https://www.zaproxy.org/docs/desktop/addons/fuzzdb-files/
https://github.com/zaproxy/zap-extensions/
2022-09-23
6167205
2.11.1
fuzzdboffensive
FuzzDB Offensive
FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing - contains files that may well be flagged by anti-virus tools
ZAP Dev Team
5
fuzzdboffensive-release-5.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Updated help and description to say this may cause problems with anti-virus tools (Issue 8297).</li>
</ul>
https://github.com/zaproxy/fuzzdb-offensive/releases/download/v5/fuzzdboffensive-release-5.zap
SHA-256:9d7bf6f8df62e5ee56e72b47785e6027674127ae70604d9c4f6dc0cea1f536dc
https://www.zaproxy.org/docs/desktop/addons/fuzzdb-offensive/
https://github.com/zaproxy/fuzzdb-offensive/
2024-01-11
523693
2.14.0
gettingStarted
Getting Started with ZAP Guide
A short Getting Started with ZAP Guide
ZAP Dev Team
16
gettingStarted-release-16.zap
release
<h3>Changed</h3>
<ul>
<li>Update Getting Started Guide.</li>
<li>Updated for 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/gettingStarted-v16/gettingStarted-release-16.zap
SHA-256:46bb4914a35a04be3de8ed19b38b851c449c182ede9f546027f97b4a299805b8
https://www.zaproxy.org/docs/desktop/addons/getting-started-guide/
https://github.com/zaproxy/zap-extensions/
2023-10-12
784111
2.14.0
graaljs
GraalVM JavaScript
Provides the GraalVM JavaScript engine for ZAP scripting.
ZAP Dev Team
0.6.0
graaljs-alpha-0.6.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update Active and Passive Script Templates to include a <code>getMetadata</code> function. This will allow them to be used as regular scan rules.</li>
<li>Depend on the <code>commonlib</code> and <code>scripts</code> add-ons for scan rule scripts.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/graaljs-v0.6.0/graaljs-alpha-0.6.0.zap
SHA-256:2c69221ad6746bc30d78e429c13f6ee4ac202a46e35fde3d802bdf85a3c04a67
https://www.zaproxy.org/docs/desktop/addons/graalvm-javascript/
https://github.com/zaproxy/zap-extensions/
2024-04-11
24536229
2.14.0
commonlib
>=1.24.0
scripts
>=45.2.0
graphql
GraphQL Support
Inspect and attack GraphQL endpoints.
ZAP Dev Team
0.23.0
graphql-alpha-0.23.0.zap
alpha
<h3>Added</h3>
<ul>
<li>Video link in help for Automation Framework job.</li>
<li>Website alert links to the help page (Issue 8189).</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix graphql parameter injection in URL query.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/graphql-v0.23.0/graphql-alpha-0.23.0.zap
SHA-256:328c6d93d0497e414b9d661a5ad7d2ceb285b70abfc77260984b0341004a1c1b
https://www.zaproxy.org/docs/desktop/addons/graphql-support/
https://github.com/zaproxy/zap-extensions/
2024-02-22
5433142
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
groovy
Groovy Support
Adds Groovy support to ZAP
ZAP Dev Team
3.2.0
groovy-beta-3.2.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
<li>Replace usage of singletons with injected variables (e.g. <code>model</code>, <code>control</code>) in scripts.</li>
<li>Dependency updates.</li>
<li>Update Active and Passive Script Templates to include a <code>getMetadata</code> function. This will allow them to be used as regular scan rules.</li>
<li>Depend on the <code>commonlib</code> and <code>scripts</code> add-ons for scan rule scripts.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Updated encode-decode script template to conform to the latest method signatures.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/groovy-v3.2.0/groovy-beta-3.2.0.zap
SHA-256:2603bcff3728308c6dab09135def96a1209ce8219b0d1f9d861c59b5a8fc522e
https://www.zaproxy.org/docs/desktop/addons/groovy-support/
https://github.com/zaproxy/zap-extensions/
2024-04-11
20168743
2.14.0
commonlib
>=1.24.0
scripts
>=45.2.0
help
Help - English
English version of the ZAP help file.
ZAP Crowdin Team
17
help-release-17.zap
release
<h3>Added</h3>
<ul>
<li>SBOM help page.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Updated for 2.14.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Add 2.13.0 release page to table of contents.</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help-v17/help-release-17.zap
SHA-256:a2aeaf638fc83b7a5ba0eefcaa5ff806b0a3c9981d20abd107026724f9f128b3
https://www.zaproxy.org/docs/desktop/
https://github.com/zaproxy/zap-core-help/
2023-10-12
628064
2.14.0
help_ar_SA
Help - Arabic
Arabic version of the ZAP help file.
ZAP Crowdin Team
1
help_ar_SA-alpha-1.zap
alpha
<ul>
<li>First version.</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ar_SA-v1/help_ar_SA-alpha-1.zap
SHA-256:8208b0c788d5e29a2bb34f3c44c07db613faefb17d8d9cfb60adc02629c2b3f1
https://github.com/zaproxy/zap-core-help/
2022-01-18
649333
2.11.0
help_bs_BA
Help - Bosnian
Bosnian version of the ZAP help file.
ZAP Crowdin Team
9
help_bs_BA-alpha-9.zap
alpha
Updated with the latest files from crowdin
https://github.com/zaproxy/zap-extensions/releases/download/2.7/help_bs_BA-alpha-9.zap
SHA1:d33a3277e877da4734e6bf9c911c61c4e6ce2f3f
2018-02-08
747536
2.7.0
help_es_ES
Help - Spanish
Spanish version of the ZAP help file.
ZAP Crowdin Team
10
help_es_ES-release-10.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_es_ES-v10/help_es_ES-release-10.zap
SHA-256:63cc24e180374cf038d6aefe31b3f62e170437958ad61d2d3e65d2722fbedc1a
https://github.com/zaproxy/zap-core-help/
2022-01-18
697066
2.11.0
help_fil_PH
Help - Filipino
Filipino version of the ZAP help file.
ZAP Crowdin Team
3
help_fil_PH-alpha-3.zap
alpha
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_fil_PH-v3/help_fil_PH-alpha-3.zap
SHA-256:64bbeb0f9404b70c0d49e9fd5da789b8d3902a20f518c7305eb412242831a180
https://github.com/zaproxy/zap-core-help/
2022-01-18
710027
2.11.0
help_fr_FR
Help - French
French version of the ZAP help file.
ZAP Crowdin Team
10
help_fr_FR-alpha-10.zap
alpha
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_fr_FR-v10/help_fr_FR-alpha-10.zap
SHA-256:f1ede9441e5de48170fdef598eb543ef6ad0813eed2e838d2c4803ea114fcb1a
https://github.com/zaproxy/zap-core-help/
2022-01-18
646717
2.11.0
help_id_ID
Help - Indonesian
Indonesian version of the ZAP help file.
ZAP Crowdin Team
3
help_id_ID-beta-3.zap
beta
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_id_ID-v3/help_id_ID-beta-3.zap
SHA-256:ef50363872d783c3c49417bc821b28256cf35d8390004c48f6d4e030ceb8a7c5
https://github.com/zaproxy/zap-core-help/
2022-01-18
671009
2.11.0
help_ja_JP
Help - Japanese
Japanese version of the ZAP help file.
ZAP Crowdin Team
10
help_ja_JP-beta-10.zap
beta
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ja_JP-v10/help_ja_JP-beta-10.zap
SHA-256:11d310352e8719fe50587c5b97dd5eeb3a2e2ab23e450a7c1d0fad013d003536
https://github.com/zaproxy/zap-core-help/
2022-01-18
661964
2.11.0
help_ms_MY
Help - Malay
Malay version of the ZAP help file.
ZAP Crowdin Team
1
help_ms_MY-alpha-1.zap
alpha
<ul>
<li>First version.</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ms_MY-v1/help_ms_MY-alpha-1.zap
SHA-256:6407990b8ebaa2e401c3addc47081c742ab7fce25cec107ef49b4e627ad3ceae
https://github.com/zaproxy/zap-core-help/
2022-01-18
636908
2.11.0
help_pt_BR
Help - Portuguese, Brazilian
Portuguese, Brazilian version of the ZAP help file.
ZAP Crowdin Team
11
help_pt_BR-release-11.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_pt_BR-v11/help_pt_BR-release-11.zap
SHA-256:3fdf92763c1c851848df6b3588c97bbeb22837002351fd00c8208d8ab01ff710
https://github.com/zaproxy/zap-core-help/
2022-01-18
682092
2.11.0
help_ru_RU
Help - Russian
Russian version of the ZAP help file.
ZAP Crowdin Team
2
help_ru_RU-release-2.zap
release
<h3>Changed</h3>
<ul>
<li>Promote to Release</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ru_RU-v2/help_ru_RU-release-2.zap
SHA-256:3fd5d8e6af7453a3a16e7c38a19ec941a330d0fd050f562ecebdc4638ae52c80
https://github.com/zaproxy/zap-core-help/
2022-02-24
779171
2.11.0
help_tr_TR
Help - Turkish
Turkish version of the ZAP help file.
ZAP Crowdin Team
2
help_tr_TR-release-2.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_tr_TR-v2/help_tr_TR-release-2.zap
SHA-256:a92b43beab5e196341d8ddf40d594f1596c225c74f0f5b9280e223acc9a8535c
https://github.com/zaproxy/zap-core-help/
2022-01-18
710766
2.11.0
help_zh_CN
Help - Chinese Simplified
Chinese Simplified version of the ZAP help file.
ZAP Crowdin Team
3
help_zh_CN-beta-3.zap
beta
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_zh_CN-v3/help_zh_CN-beta-3.zap
SHA-256:959b718a307ca32c7807c0d327533765eeb6a0a799b9bc98a2a1e22b3b47bc5a
https://github.com/zaproxy/zap-core-help/
2022-01-18
656718
2.11.0
highlighter
Highlighter
Allows you to highlight strings in the request and response tabs.
ZAP Dev Team
8
highlighter-alpha-8.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/highlighter-v8/highlighter-alpha-8.zap
SHA-256:4c4852bb2f42eb20dbe19a091e9025667947c73967a65770658333bedd01fccf
https://www.zaproxy.org/docs/desktop/addons/highlighter/
https://github.com/zaproxy/zap-extensions/
2021-10-07
115527
2.11.0
hud
HUD - Heads Up Display
Display information from ZAP in browser.
ZAP Dev Team
0.18.0
hud-beta-0.18.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Update displayed time format to include leading zeros (Issue 1256).</li>
</ul>
https://github.com/zaproxy/zap-hud/releases/download/v0.18.0/hud-beta-0.18.0.zap
SHA-256:19bc423d3ecc765b994319dd6edcc710a38fb4f379ac578d69acfd9fa0c98934
https://www.zaproxy.org/docs/desktop/addons/hud/
https://github.com/zaproxy/zap-hud/
2023-10-12
1382584
2.14.0
network
>= 0.1.0
websocket
imagelocationscanner
Image Location and Privacy Scanner
Image Location and Privacy Passive Scanner
Jay Ball (veggiespam) and the ZAP Dev Team
5
imagelocationscanner-beta-5.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Website alert links (Issue 8189).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/imagelocationscanner-v5/imagelocationscanner-beta-5.zap
SHA-256:4d95a4e8c09fbae9372a28b2501c57ac3789b2357f4988fc0dcdc3c11f3f0fe8
https://www.zaproxy.org/docs/desktop/addons/image-location-and-privacy-scanner/
https://github.com/zaproxy/zap-extensions/
2024-04-11
1147406
2.14.0
commonlib
>= 1.6.0 & < 2.0.0
invoke
Invoke Applications
Invoke external applications passing context related information such as URLs and parameters
ZAP Dev Team
14
invoke-beta-14.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/invoke-v14/invoke-beta-14.zap
SHA-256:62819ea13c18db031d01d1a74b9111f9a832fe14e8510f67232c38dab35ccaaf
https://www.zaproxy.org/docs/desktop/addons/invoke-applications/
https://github.com/zaproxy/zap-extensions/
2023-10-12
322621
2.14.0
jruby
Ruby Scripting
Allows Ruby to be used for ZAP scripting - templates included
ZAP Dev Team
8
jruby-beta-8.zap
beta
<h3>Changed</h3>
<ul>
<li>Update links to zaproxy repo.</li>
<li>Rename reliability to confidence in active/passive templates.</li>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/jruby-v8/jruby-beta-8.zap
SHA-256:f5bb450a165f6c407b8d24f7b2776bdc7a2edb0b4b42aea385f8a6ad1ae605ca
https://www.zaproxy.org/docs/desktop/addons/ruby-scripting/
https://github.com/zaproxy/zap-extensions/
2021-10-07
21968128
2.11.0
jsonview
JSON View
Adds a view that shows JSON messages nicely formatted
Juha Kivekäs
3
jsonview-alpha-3.zap
alpha
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.13.0.</li>
<li>Depend on Common Library add-on to reuse libraries (Issue 7961).</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Use other library to format the JSON bodies (Issue 7798).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/jsonview-v3/jsonview-alpha-3.zap
SHA-256:ddafbbced033cc937ef37182e3650119dee3c7e5f1ac4ded73ea42125467184d
https://www.zaproxy.org/docs/desktop/addons/json-view/
https://github.com/zaproxy/zap-extensions/
2023-09-07
120558
2.13.0
commonlib
>= 1.16.0 & < 2.0.0
jwt
JWT Support
Detect JWT requests and scan them to find related vulnerabilities
KSASAN preetkaran20@gmail.com
1.0.3
jwt-alpha-1.0.3.zap
alpha
<ul>
<li>First version of JWT Support.
<ul>
<li>Contains scanning rules for basic JWT related vulnerabilities.</li>
<li>Contains JWT Fuzzer for fuzzing the JWT's present in the request.</li>
</ul>
</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/2.7/jwt-alpha-1.0.3.zap
SHA-256:d3df8480010ad2df230cbdb99619aafdb869861349455c3da0129a99b132d204
https://github.com/SasanLabs/owasp-zap-jwt-addon/
2023-01-02
751748
2.11.1
commonlib
fuzz
13.*
jython
Python Scripting
Allows Python to be used for ZAP scripting - templates included
ZAP Dev Team
15
jython-beta-15.zap
beta
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update Active and Passive Script Templates to include a <code>getMetadata</code> function. This will allow them to be used as regular scan rules.</li>
<li>Depend on the <code>commonlib</code> add-on for scan rule scripts.</li>
<li>Update minimum <code>scripts</code> add-on version to 45.1.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/jython-v15/jython-beta-15.zap
SHA-256:019a64ba85cc9021a841e7253ae14f619129b603ab2048bec9593f5d59c1da02
https://www.zaproxy.org/docs/desktop/addons/python-scripting/
https://github.com/zaproxy/zap-extensions/
2024-04-11
43315501
2.14.0
commonlib
>=1.24.0
scripts
>=45.2.0
kotlin
Kotlin Support
Allows Kotlin to be used for ZAP scripting
StackHawk Engineering
1.1.0
kotlin-alpha-1.1.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Use appropriate syntax style for highlighting of code.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/kotlin-v1.1.0/kotlin-alpha-1.1.0.zap
SHA-256:85a47ea7199b77cfb09081302c277de2ba5e2102ef79907573ebcfa6425302e9
https://www.zaproxy.org/docs/desktop/addons/kotlin-support/
https://github.com/zaproxy/zap-extensions/
2021-10-07
48865539
2.11.0
levoai
Levo.ai
Build OpenAPI Specs with ZAP traffic using Levo.ai.
Levo.ai
0.2.0
levoai-zap-addon-alpha-0.2.0.zap
alpha
<h3>Added</h3>
<ul>
<li>Validate the Satellite URL structure when it is modified.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>URLs with '/' as the path were not being handled correctly.</li>
</ul>
https://github.com/levoai/levoai-zap-addon/releases/download/v0.2.0/levoai-zap-addon-alpha-0.2.0.zap
SHA-256:28777022d50fa8ff29ef21ab94d01786d4936dcf6ddc9303e64f52983203311d
https://docs.levo.ai/api-observability/quickstart/quickstart-zap-addon
https://github.com/levoai/levoai-zap-addon
2022-12-26
2459871
2.12.0
maplocal
Map Local
Allows mapping of responses to content of a chosen local file.
Keindel (Andrey Maksimov)
0.0.1
maplocal-alpha-0.0.1.zap
alpha
<ul>
<li>First version of Map Local extension. Provides feature to map Response Body to a content of chosen local file.
<ul>
<li>Has status panel in UI with 3 columns: Enabled / URL / Local Path.</li>
<li>Has add / edit dialog with browse button to choose file.</li>
<li>Has file choice verification check.</li>
<li>Popup menus in sites and history, edit / remove - popups in status panel.</li>
<li>Persists to session DB.</li>
</ul>
</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/2.7/maplocal-alpha-0.0.1.zap
SHA-256:d3ecd2a6e23b06ffed8646ee2314d921a1c1925c3ab08070a624a090734ebdca
https://github.com/Keindel/owasp-zap-maplocal-addon
2023-10-05
49040
2.12.0
neonmarker
Neonmarker
Colors history table items based on tags
Juha Kivekäs, Kingthorin
1.6.0
neonmarker-alpha-1.6.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>The script example in the Help content was updated to use the injected core variables instead of using the fully qualified class name.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>An NPE which could happen when removing an entry that didn't yet have a tag assigned.</li>
</ul>
https://github.com/kingthorin/neonmarker/releases/download/v1.6.0/neonmarker-alpha-1.6.0.zap
SHA-256:b6b1eef2673821189dee4877fe07cd78b64af662e3c6bff6e32c4f868b290ad3
https://www.zaproxy.org/docs/desktop/addons/neonmarker/
https://github.com/kingthorin/neonmarker
2023-08-17
35557
2.10.0
network
Network
Provides core networking capabilities.
ZAP Dev Team
0.15.0
network-beta-0.15.0.zap
beta
<h3>Added</h3>
<ul>
<li>Methods for accessing the upstream proxy.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/network-v0.15.0/network-beta-0.15.0.zap
SHA-256:b9d3bc906a3fab3f3749783bd2dadc6f73fac20676cd43c8fb7fbd9069eacea5
https://www.zaproxy.org/docs/desktop/addons/network/
https://github.com/zaproxy/zap-extensions/
2024-03-25
28108729
2.14.0
oast
OAST Support
Allows you to exploit out-of-band vulnerabilities
ZAP Dev Team
0.17.0
oast-beta-0.17.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/oast-v0.17.0/oast-beta-0.17.0.zap
SHA-256:b05341c052722baccef2a055e6fe9f64e6818cbfda00bb9c50fa260e51a3d96d
https://www.zaproxy.org/docs/desktop/addons/oast-support/
https://github.com/zaproxy/zap-extensions/
2023-10-12
813582
2.14.0
database
>= 0.1.0
network
>= 0.1.0
onlineMenu
Online menus
ZAP Online menu items
ZAP Dev Team
12
onlineMenu-release-12.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/onlineMenu-v12/onlineMenu-release-12.zap
SHA-256:a966a81a4fd57660e9c703d16a7472d0cb1b816941cc8d84cf5e58597afa24c6
https://www.zaproxy.org/docs/desktop/addons/online-menu/
https://github.com/zaproxy/zap-extensions/
2023-10-12
208613
2.14.0
openapi
OpenAPI Support
Imports and spiders OpenAPI definitions.
ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions
39
openapi-beta-39.zap
beta
<h3>Added</h3>
<ul>
<li>Video link in help for Automation Framework job.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Dependency updates.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/openapi-v39/openapi-beta-39.zap
SHA-256:9f4eec172dc3dd32052eee670854afbbd12a3b61269beebaa0329b358621a1c9
https://www.zaproxy.org/docs/desktop/addons/openapi-support/
https://github.com/zaproxy/zap-extensions/
2024-01-26
13941067
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
packpentester
Collection: Pentester Pack
A collection of add-ons ideal for pentesters
ZAP Dev Team
0.1.0
packpentester-alpha-0.1.0.zap
alpha
<h3>Fixed</h3>
<ul>
<li>Corrected fuzz add-on name</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/packpentester-v0.1.0/packpentester-alpha-0.1.0.zap
SHA-256:0b8e7e4ddffdcacf46fdf9793bf84217738e281cbd5ccac732788c4b768d069c
https://www.zaproxy.org/docs/desktop/addons/collection-pentester-pack/
https://github.com/zaproxy/zap-extensions/
2022-05-12
6792
2.11.1
accessControl
attacksurfacedetector
custompayloads
evalvillain
fileupload
fuzz
fuzzdb
jsonview
jwt
requester
viewstate
wappalyzer
packscanrules
Collection: Scan Rules Pack
All of the add-ons just containing release, beta and alpha status scan rules
ZAP Dev Team
0.0.1
packscanrules-alpha-0.0.1.zap
alpha
<p>First version.</p>
https://github.com/zaproxy/zap-extensions/releases/download/packscanrules-v0.0.1/packscanrules-alpha-0.0.1.zap
SHA-256:5ad68f153379bd96f36a7bead61e884cc42e1409cdd262dffc682b5f7bf92da4
https://www.zaproxy.org/docs/desktop/addons/collection-scan-rules-pack/
https://github.com/zaproxy/zap-extensions/
2022-05-13
9244
2.11.1
ascanrules
ascanrulesAlpha
ascanrulesBeta
domxss
pscanrules
pscanrulesAlpha
pscanrulesBeta
retire
paramdigger
Parameter Digger
Identify hidden, unlinked parameters. Useful for finding web cache poisoning vulnerabilities.
ZAP Dev Team and Arkaprabha Chakraborty
0.2.0
paramdigger-alpha-0.2.0.zap
alpha
<h3>Fixed</h3>
<ul>
<li>NullPointerException which could occur with header guesser.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.12.0.</li>
<li>Maintenance changes.</li>
<li>Default number of threads to 2 * processor count.</li>
<li>Change panel designs to allow message selection.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/paramdigger-v0.2.0/paramdigger-alpha-0.2.0.zap
SHA-256:a6741d85e9d9b9a01107e176f8530c3386fc4671fde4c0a38b94cd6d953a35d6
https://www.zaproxy.org/docs/desktop/addons/parameter-digger/
https://github.com/zaproxy/zap-extensions/
2023-06-06
553729
2.12.0
commonlib
>= 1.13.0 & < 2.0.0
plugnhack
Plug-n-Hack Configuration
Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack.
ZAP Dev Team
13
plugnhack-beta-13.zap
beta
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.12.0.</li>
<li>Use Network add-on to obtain main proxy address/port.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/plugnhack-v13/plugnhack-beta-13.zap
SHA-256:8d74b572bb7e08d09ebcfd10da9f2f65f7970f9452feadb8bbe69c8037b80ee2
https://www.zaproxy.org/docs/desktop/addons/plug-n-hack/
https://github.com/zaproxy/zap-extensions/
2022-10-27
736005
2.12.0
network
>= 0.2.0
portscan
Port Scanner
Allows to port scan a target server
ZAP Dev Team
10
portscan-beta-10.zap
beta
<h3>Changed</h3>
<ul>
<li>Use the Network add-on to obtain the outgoing proxy.</li>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.12.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/portscan-v10/portscan-beta-10.zap
SHA-256:6cf0432e1c329499649b219d2f00e7ec7bc2079d7160396fecb9a8ad3446b963
https://www.zaproxy.org/docs/desktop/addons/port-scan/
https://github.com/zaproxy/zap-extensions/
2022-10-27
724563
2.12.0
network
>=0.3.0
postman
Postman Support
Imports and spiders Postman collections.
ZAP Dev Team
0.3.0
postman-alpha-0.3.0.zap
alpha
<h3>Added</h3>
<ul>
<li>Automation support.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Correct deserialization of item groups (Issue 8400).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/postman-v0.3.0/postman-alpha-0.3.0.zap
SHA-256:b4338c0c54cfd99d1f8b1477bc853f07af225810e546b58ade7c33148564e898
https://www.zaproxy.org/docs/desktop/addons/postman-support/
https://github.com/zaproxy/zap-extensions/
2024-04-02
250100
2.14.0
commonlib
>= 1.16.0 & < 2.0.0
pscanrules
Passive scanner rules
The release status Passive Scanner rules
ZAP Dev Team
57
pscanrules-release-57.zap
release
<h3>Changed</h3>
<ul>
<li>Use of HTTP for example URLs in the descriptions or other info details for the following rules have been updated to HTTPS (Issue 8262):
<ul>
<li>Cookie Poisoning</li>
<li>Open Redirect</li>
<li>X-Debug-Token Information Leak</li>
</ul>
</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/pscanrules-v57/pscanrules-release-57.zap
SHA-256:8506bb08f6fc4be1794b66c4035f93370522c4c628e350cc2a881a7a3c778e74
https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/
https://github.com/zaproxy/zap-extensions/
2024-03-28
1863892
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
pscanrulesAlpha
Passive scanner rules (alpha)
The alpha status Passive Scanner rules
ZAP Dev Team
42
pscanrulesAlpha-alpha-42.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Website alert links (Issue 8189).</li>
<li>Full Path Disclosure vulnerability passive scanner (Issue 413).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesAlpha-v42/pscanrulesAlpha-alpha-42.zap
SHA-256:9fa7fccef79fb0611b6460b30c0d88aa119a7fe775a8ecdd7720bb68e07b66ce
https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-alpha/
https://github.com/zaproxy/zap-extensions/
2024-01-16
540281
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
pscanrulesBeta
Passive scanner rules (beta)
The beta status Passive Scanner rules
ZAP Dev Team
37
pscanrulesBeta-beta-37.zap
beta
<h3>Added</h3>
<ul>
<li>Website alert links (Issue 8189).</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesBeta-v37/pscanrulesBeta-beta-37.zap
SHA-256:58dc13cdb8ff693d8bf9f866be6a5e653a6fc3b521ad715b190fd013b65c20d5
https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-beta/
https://github.com/zaproxy/zap-extensions/
2024-02-12
668776
2.14.0
commonlib
>= 1.10.0 & < 2.0.0
quickstart
Quick Start
Provides a tab which allows you to quickly test a target application
ZAP Dev Team
46
quickstart-release-46.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>AJAX spider selection to include "if modern" option.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Help content typos.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/quickstart-v46/quickstart-release-46.zap
SHA-256:5375cd33327eb1551295093f7623fa7c118b7885e3403c34ca03a51bc4684fde
https://www.zaproxy.org/docs/desktop/addons/quick-start/
https://github.com/zaproxy/zap-extensions/
2024-04-23
769172
2.14.0
callhome
>= 0.0.1
network
>= 0.3.0
reports
>= 0.4.0
reflect
Reflect
Finds reflected parameters
Caleb Kinney
0.0.11
reflect-alpha-0.0.11.zap
alpha
https://github.com/zaproxy/zap-extensions/releases/download/2.7/reflect-alpha-0.0.11.zap
SHA-256:c45307037042e4079546a5fcb17d1165475e5cdd5ba7e8abc0d2cf0a14866466
2021-02-19
1780219
2.9.0
regextester
Regular Expression Tester
Allows to test Regular Expressions
ZAP Dev Team
2
regextester-alpha-2.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Close dialogues when the add-on is uninstalled.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/regextester-v2/regextester-alpha-2.zap
SHA-256:b4706709c16a45e8bedc0bd6f28dd09532d5dbf3f1fe2c2853e20dbf6160a584
https://www.zaproxy.org/docs/desktop/addons/regular-expression-tester/
https://github.com/zaproxy/zap-extensions/
2021-10-07
159441
2.11.0
replacer
Replacer
Easy way to replace strings in requests and responses.
ZAP Dev Team
16
replacer-release-16.zap
release
<h3>Changed</h3>
<ul>
<li>Allow to replace (change or remove) the Host header (Issue 5475).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/replacer-v16/replacer-release-16.zap
SHA-256:3df693f57a587850796b3e03c2163aae436ae40cd2a25e4d0a0c1745551237fc
https://www.zaproxy.org/docs/desktop/addons/replacer/
https://github.com/zaproxy/zap-extensions/
2023-11-30
436618
2.14.0
reports
Report Generation
Official ZAP Reports.
ZAP Dev Team
0.31.0
reports-release-0.31.0.zap
release
<h3>Changed</h3>
<ul>
<li>Tweaked OSF sponsorship links.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Handle alerts without HTTP message gracefully (Issue 6880).</li>
<li>More issues with illegal XML characters in pdf reports (Issue 8330).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/reports-v0.31.0/reports-release-0.31.0.zap
SHA-256:f18cc9a82dcaf7bb13fed678b8f92256f28201acfa77acb85e107e8a25f84882
https://www.zaproxy.org/docs/desktop/addons/report-generation/
https://github.com/zaproxy/zap-extensions/
2024-03-25
14759803
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
requester
Requester
Allows to manually edit and send messages.
Surikato and the ZAP Dev Team
7.5.0
requester-beta-7.5.0.zap
beta
<h3>Added</h3>
<ul>
<li>Button to lowercase request header names (Issue 8176).</li>
<li>Support for menu weights (Issue 8369)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Manual request dialog to be opened with selected message on CTRL-M (Issue 8365)</li>
<li>Manual request dialog to be used instead of a separate Resend dialog.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/requester-v7.5.0/requester-beta-7.5.0.zap
SHA-256:c0998121e21977c8ba0cd8b0257a4263c455e9566347184a0f287ad3ec0269ce
https://www.zaproxy.org/docs/desktop/addons/requester/
https://github.com/zaproxy/zap-extensions/
2024-03-25
756987
2.14.0
commonlib
>=1.23.0
retest
Retest
An add-on to retest for presence/absence of previously generated alerts.
ZAP Dev Team
0.8.0
retest-alpha-0.8.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/retest-v0.8.0/retest-alpha-0.8.0.zap
SHA-256:4f5e11040bdae3dd842ef60237f8eb78b584494701292e9f2fab4d8331c0c669
https://www.zaproxy.org/docs/desktop/addons/retest/
https://github.com/zaproxy/zap-extensions/
2023-10-12
258962
2.14.0
automation
>=0.31.0
commonlib
>= 1.17.0 & < 2.0.0
retire
Retire.js
Retire.js
Nikita Mundhada and the ZAP Dev Team
0.34.0
retire-release-0.34.0.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with upstream retire.js pattern changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/retire-v0.34.0/retire-release-0.34.0.zap
SHA-256:dfe1e0f8d252f0ef27fb2f9db95ee4e4ea184b18f9f443f610de886b01d914dd
https://www.zaproxy.org/docs/desktop/addons/retire.js/
https://github.com/zaproxy/zap-extensions/
2024-04-02
987181
2.14.0
commonlib
>= 1.16.0 & < 2.0.0
reveal
Reveal
Show hidden fields and enable disabled fields
ZAP Dev Team
7
reveal-release-7.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/reveal-v7/reveal-release-7.zap
SHA-256:42e428682882b21e2802c2f762a2641c24dab4e5442ad3c9be5d3cf5a1e22ace
https://www.zaproxy.org/docs/desktop/addons/reveal/
https://github.com/zaproxy/zap-extensions/
2023-10-12
238691
2.14.0
revisit
Revisit
Revisit a site at any time in the past using the session history
ZAP Dev Team
5
revisit-alpha-5.zap
alpha
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Prevent exception when processing history after deleting messages.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/revisit-v5/revisit-alpha-5.zap
SHA-256:cdaf29b98bab8f5f899840950974837122bab6f00a9dc7ec72aecdffd6b83c02
https://www.zaproxy.org/docs/desktop/addons/revisit/
https://github.com/zaproxy/zap-extensions/
2023-10-23
302425
2.14.0
saml
SAML Support
Detect, Show, Edit, Fuzz SAML requests
ZAP Dev Team
10
saml-alpha-10.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.12.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/saml-v10/saml-alpha-10.zap
SHA-256:097492271c7ec1d85def81091ffe897f4809927043844d1f5f0c7c598a0ad164
https://www.zaproxy.org/docs/desktop/addons/saml-support/
https://github.com/zaproxy/zap-extensions/
2022-10-28
1811985
2.12.0
scripts
Script Console
Supports all JSR 223 scripting languages
ZAP Dev Team
45.2.0
scripts-release-45.2.0.zap
release
<h3>Added</h3>
<ul>
<li>Active and Passive Scripts with a <code>getMetadata()</code> function are now treated as first-class scan rules (Issue 7105).</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Error when trying to run an unsupported script type through the Automation Framework.</li>
<li>The "Scripts Passive Scanner" scan rule was being loaded twice.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/scripts-v45.2.0/scripts-release-45.2.0.zap
SHA-256:76b5c5a58abc667bc50bf4bbb40190a9b20a3fcb92ddebb69bb99b0679e044e1
https://www.zaproxy.org/docs/desktop/addons/script-console/
https://github.com/zaproxy/zap-extensions/
2024-04-11
5082980
2.14.0
commonlib
>=1.24.0
selenium
Selenium
WebDriver provider and includes HtmlUnit browser
ZAP Dev Team
15.22.0
selenium-release-15.22.0.zap
release
<h3>Changed</h3>
<ul>
<li>Update Selenium to version 4.20.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/selenium-v15.22.0/selenium-release-15.22.0.zap
SHA-256:a47e6291707ad7b4ca4828dda31dfa15211a6fefa4329f0c61688cb931b98a19
https://www.zaproxy.org/docs/desktop/addons/selenium/
https://github.com/zaproxy/zap-extensions/
2024-04-26
31104535
2.14.0
commonlib
>=1.23.0
network
>=0.2.0
sequence
Sequence
Gives the possibility of defining a sequence of requests to be scanned.
ZAP Dev Team
7
sequence-alpha-7.zap
alpha
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.14.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Prevent exception if no display (Issue 3978).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/sequence-v7/sequence-alpha-7.zap
SHA-256:422d278ae7619f02adec8a43e997443a04b0d3f00e44fffd64e556b2f1941a4d
https://www.zaproxy.org/docs/desktop/addons/sequence-scanner/
https://github.com/zaproxy/zap-extensions/
2023-10-23
1558728
2.14.0
zest
soap
SOAP Support
Imports and scans WSDL files containing SOAP endpoints.
Alberto (albertov91) + ZAP Dev Team
22
soap-beta-22.zap
beta
<h3>Added</h3>
<ul>
<li>Video link in help for Automation Framework job.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Link website alert pages and help (Issue 8189).</li>
<li>Updated Alerts' reference links (Issue 8262).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/soap-v22/soap-beta-22.zap
SHA-256:97e774addc0b3ebdaa5cde6236d65ae6b2b647ecaeb6fe6e0ff8fd3734e9e3f9
https://www.zaproxy.org/docs/desktop/addons/soap-support/
https://github.com/zaproxy/zap-extensions/
2024-03-25
12848881
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
spider
Spider
Spider used for automatically finding URIs on a site.
ZAP Dev Team
0.10.0
spider-release-0.10.0.zap
release
<h3>Changed</h3>
<ul>
<li>Skip parsing of empty SVGs.</li>
<li>Maintenance changes.</li>
<li>Setting "Query Parameters Handling" via automation framework should now be more forgiving as to the case of the values (enums).</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ensure issues in one parser don't break the whole parsing process.</li>
<li>Fix exception that happened with absolute dotted URLs in inlined content.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/spider-v0.10.0/spider-release-0.10.0.zap
SHA-256:d1e87efd56ad55efb727827398c8345f4d0d3f9af5e99fb50615520e6aa6d3e2
https://www.zaproxy.org/docs/desktop/addons/spider/
https://github.com/zaproxy/zap-extensions/
2024-02-12
1150781
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
database
network
>=0.3.0
spiderAjax
Ajax Spider
Allows you to spider sites that make heavy use of JavaScript using Crawljax
ZAP Dev Team
23.18.0
spiderAjax-release-23.18.0.zap
release
<h3>Added</h3>
<ul>
<li>Add context menu item to Contexts tree to show the AJAX Spider dialogue with the selected Context.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Add icon to the Tools menu item.</li>
<li>Scale icons.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/spiderAjax-v23.18.0/spiderAjax-release-23.18.0.zap
SHA-256:19d1737f404bdd3ccb0f368760d8783629f915b4f8d5cb585ed50ebc3c1e9602
https://www.zaproxy.org/docs/desktop/addons/ajax-spider/
https://github.com/zaproxy/zap-extensions/
2023-11-10
7563777
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
network
>=0.11.0
selenium
15.*
sqliplugin
Advanced SQLInjection Scanner
An advanced active injection bundle for SQLi (derived by SQLMap)
Andrea Pompili (Yhawke)
15
sqliplugin-beta-15.zap
beta
<h3>Fixed</h3>
<ul>
<li>Re-ordered variable initialization to prevent an NPE.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/sqliplugin-v15/sqliplugin-beta-15.zap
SHA-256:76e857bd2fea0b57b641862ea5bef46365ac1b03a19371c5e818a5401f7d9384
https://www.zaproxy.org/docs/desktop/addons/advanced-sqlinjection-scanner/
https://github.com/zaproxy/zap-extensions/
2021-10-20
534349
2.11.0
commonlib
>= 1.5.0 & < 2.0.0
sse
Server-Sent Events
Allows you to view Server-Sent Events (SSE) communication.
ZAP Dev Team
12
sse-alpha-12.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.12.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/sse-v12/sse-alpha-12.zap
SHA-256:c8805d497f71495e1d7fab7dfccf1955cc996ff514e6c0154e7937a72fdafc6c
https://www.zaproxy.org/docs/desktop/addons/server-sent-events/
https://github.com/zaproxy/zap-extensions/
2022-10-28
334645
2.12.0
svndigger
SVN Digger Files
SVN Digger files which can be used with ZAP forced browsing
ZAP Dev Team
4
svndigger-release-4.zap
release
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Promote to release status.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/svndigger-v4/svndigger-release-4.zap
SHA-256:5556efdf3fdb84ebd6cf3e76ca31e3fb6fb57c002cf14b2cf2f05f67bf2b622a
https://www.zaproxy.org/docs/desktop/addons/svn-digger-files/
https://github.com/zaproxy/zap-extensions/
2021-10-07
713963
2.11.0
tips
Tips and Tricks
Display ZAP Tips and Tricks
ZAP Dev Team
12
tips-beta-12.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/tips-v12/tips-beta-12.zap
SHA-256:ccd67befe241450e48bd98ccfb6040f100ae473f4865001cd3dfc84bd595c8ff
https://www.zaproxy.org/docs/desktop/addons/tips-and-tricks/
https://github.com/zaproxy/zap-extensions/
2023-10-12
572464
2.14.0
tokengen
Token Generation and Analysis
Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection
ZAP Dev Team
15
tokengen-beta-15.zap
beta
<h3>Changed</h3>
<ul>
<li>Now using 2.10 logging infrastructure (Log4j 2.x).</li>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/tokengen-v15/tokengen-beta-15.zap
SHA-256:daef1d13d44a76b8735a30ed9e1e50fa87a85d02728bd7ae575197d173f942f9
https://www.zaproxy.org/docs/desktop/addons/token-generator/
https://github.com/zaproxy/zap-extensions/
2021-10-07
525206
2.11.0
treetools
TreeTools
Tools to add functionality to the tree view.
Carl Sampson
8
treetools-beta-8.zap
beta
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/treetools-v8/treetools-beta-8.zap
SHA-256:b7f61f8939937ebc120bce8deb72713d7676087056e88801df2573112e7642e4
https://www.zaproxy.org/docs/desktop/addons/treetools/
https://github.com/zaproxy/zap-extensions/
2021-10-07
128931
2.11.0
viewstate
ViewState
ASP/JSF ViewState Decoder and Editor
Calum Hutton
3
viewstate-alpha-3.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/viewstate-v3/viewstate-alpha-3.zap
SHA-256:715caefd591415e79b32195361fea82aa8c6357b24e69530c22fde0a1b6dad17
https://www.zaproxy.org/docs/desktop/addons/viewstate/
https://github.com/zaproxy/zap-extensions/
2021-10-07
148716
2.11.0
wappalyzer
Wappalyzer - Technology Detection
Technology detection using Wappalyzer: wappalyzer.com
ZAP Dev Team
21.36.0
wappalyzer-release-21.36.0.zap
release
<h3>Fixed</h3>
<ul>
<li>Implemented a change to address a resource contention issue when loading Tech Detection details (Issue 8464).</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Suppress further un-helpful messages from the jsvg library logger.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/wappalyzer-v21.36.0/wappalyzer-release-21.36.0.zap
SHA-256:fe21684aaacf68b4260d3d89a826571d4f2e0bed8ba06933cf91333e6b2bc884
https://www.zaproxy.org/docs/desktop/addons/technology-detection/
https://github.com/zaproxy/zap-extensions/
2024-05-02
12822765
2.14.0
commonlib
>= 1.17.0 & < 2.0.0
webdriverlinux
Linux WebDrivers
Linux WebDrivers for Firefox and Chrome.
ZAP Dev Team
81
webdriverlinux-release-81.zap
release
<h3>Changed</h3>
<ul>
<li>Update ChromeDriver to 124.0.6367.91.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/webdriverlinux-v81/webdriverlinux-release-81.zap
SHA-256:59ea95b41d34370d6161a927064655085a54f7d4cbbbfd75cb4b0d352e3280c9
https://www.zaproxy.org/docs/desktop/addons/linux-webdrivers/
https://github.com/zaproxy/zap-extensions/
2024-04-26
18016898
2.14.0
webdrivermacos
MacOS WebDrivers
MacOS WebDrivers for Firefox and Chrome.
ZAP Dev Team
81
webdrivermacos-release-81.zap
release
<h3>Changed</h3>
<ul>
<li>Update ChromeDriver to 124.0.6367.91.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/webdrivermacos-v81/webdrivermacos-release-81.zap
SHA-256:684ae6657c1d5604897ee480527c5c5894f2a3a5e1d7c13142e2cdad4cc6c28a
https://www.zaproxy.org/docs/desktop/addons/macos-webdrivers/
https://github.com/zaproxy/zap-extensions/
2024-04-26
22711854
2.14.0
webdriverwindows
Windows WebDrivers
Windows WebDrivers for Firefox and Chrome.
ZAP Dev Team
81
webdriverwindows-release-81.zap
release
<h3>Changed</h3>
<ul>
<li>Update ChromeDriver to 124.0.6367.91.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/webdriverwindows-v81/webdriverwindows-release-81.zap
SHA-256:d22f72919188b2c1c2eae7aa498384f6ec132f64acb8c8b4fe2898b2969811b9
https://www.zaproxy.org/docs/desktop/addons/windows-webdrivers/
https://github.com/zaproxy/zap-extensions/
2024-04-26
19984675
2.14.0
websocket
WebSockets
Allows you to inspect WebSocket communication.
ZAP Dev Team
30
websocket-release-30.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.14.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/websocket-v30/websocket-release-30.zap
SHA-256:f8966414d05f3cf8d26695181f36b89ec15c705556368733e927bf43d3583e60
https://www.zaproxy.org/docs/desktop/addons/websockets/
https://github.com/zaproxy/zap-extensions/
2023-10-12
1398420
2.14.0
zest
Zest - Graphical Security Scripting Language
A graphical security scripting language, ZAPs macro language on steroids
ZAP Dev Team
44
zest-beta-44.zap
beta
<h3>Added</h3>
<ul>
<li>Support for menu weights (Issue 8369)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum <code>scripts</code> add-on version to 45.1.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/zest-v44/zest-beta-44.zap
SHA-256:b62e0f5a39fc0071a58fb2f7a7d35000e67087addf41db373607166c93a4be24
https://www.zaproxy.org/docs/desktop/addons/zest/
https://github.com/zaproxy/zap-extensions/
2024-04-11
5601877
2.14.0
commonlib
>=1.24.0
network
>=0.2.0
scripts
>=45.2.0
selenium
>= 15.13.0