2.11.1 D-2021-10-18 https://github.com/zaproxy/zaproxy/releases/download/w2021-10-18/ZAP_WEEKLY_D-2021-10-18.zip ZAP_WEEKLY_D-2021-10-18.zip SHA-256:9d4bcb12e47293f3cbc4c32285b8469e620f092bb2519e65e12e5e528a25a8ad 188556676 https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2_11_1_windows-x32.exe ZAP_2_11_1_windows-x32.exe SHA-256:4f753278b374d292a0c1c8fbabc60153acf3bd7c9ce8fb1930a5d68fdfad6638 192166400 https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2_11_1_windows.exe ZAP_2_11_1_windows.exe SHA-256:0c86af10453b2444e70706f259a5878586f536fc57f14b85b41dd47fdbc45922 192259072 https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2.11.1_Linux.tar.gz ZAP_2.11.1_Linux.tar.gz SHA-256:5f83666e5863f4f94eac583942f1c4e15f9cc7b7307d05bc6ce6545265c6382c 194801121 https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2.11.1.dmg ZAP_2.11.1.dmg SHA-256:e0129757db1a0b9770e3c6d7fbdba63bfe893bdfd476eae45a12bbd1e5b8f2e6 222978300 Bug fix and enhancement release. https://www.zaproxy.org/docs/desktop/releases/2.11.1/ accessControl Access Control Testing Adds a set of tools for testing access control in web applications. ZAP Dev Team 7 accessControl-alpha-7.zap alpha <h3>Changed</h3> <ul> <li>Don't set the font color for inherited entries (Issue 6397).</li> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes (some changes impact the visibility of variables and add getters/setters, which may impact third party add-ons or scripts).</li> <li>Change to no longer rely on core report classes, which are going to be deleted.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/accessControl-v7/accessControl-alpha-7.zap SHA-256:5bfa0e14cf227bc402c58bd35c19c474b781e519585f3d62c2b174e8c6ac55a0 https://www.zaproxy.org/docs/desktop/addons/access-control-testing/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 591286 2.11.0 alertFilters Alert Filters Allows you to automate the changing of alert risk levels. ZAP Dev Team 13 alertFilters-release-13.zap release <h3>Added</h3> <ul> <li>Stats for alerts changed</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Dialogs being shown under the owning dialog / frame.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/alertFilters-v13/alertFilters-release-13.zap SHA-256:71ecbe94847cf1ade03ed81d57831d806317b65c72d468521fb43f280dd710a9 https://www.zaproxy.org/docs/desktop/addons/alert-filters/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 523886 2.11.0 allinonenotes All In One Notes A simple extension to view all notes in one pane. David Vassallo 2 allinonenotes-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update link to repository.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/allinonenotes-v2/allinonenotes-alpha-2.zap SHA-256:9e70d6e76b72692e9c0cb64002a692b710710e688ea2d8834818086300632d2a https://www.zaproxy.org/docs/desktop/addons/all-in-one-notes/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 249532 2.11.0 amf AMF Support Adds support for AMF messages ZAP Dev Team 3 amf-alpha-3.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/amf-v3/amf-alpha-3.zap SHA-256:01345ea00a6623d794753a3210f4e3e2b50a8c4ce2bfa6ea57324f0ff01ad7e3 https://www.zaproxy.org/docs/desktop/addons/amf-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 911943 2.11.0 ascanrules Active scanner rules The release status Active Scanner rules ZAP Dev Team 46 ascanrules-release-46.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix Cross Site Scripting (Reflected) scan rule false negatives introduced in previous version.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrules-v46/ascanrules-release-46.zap SHA-256:8bc56103b0f67966f2ccfc2d9fdb3cffe42fa1a504f1d24d2d39c85f8b5aa4eb https://www.zaproxy.org/docs/desktop/addons/active-scan-rules/ https://github.com/zaproxy/zap-extensions/ 2022-03-21 2499205 2.11.1 commonlib >= 1.9.0 & < 2.0.0 ascanrulesAlpha Active scanner rules (alpha) The alpha status Active Scanner rules ZAP Dev Team 38 ascanrulesAlpha-alpha-38.zap alpha <h3>Added</h3> <ul> <li>Scan rules for Server Side Template Injection (<a href="https://github.com/zaproxy/zaproxy/issues/2332">Issue 2332</a>).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesAlpha-v38/ascanrulesAlpha-alpha-38.zap SHA-256:6f394b74c7a4b925c472029302fa7f5513036198bcccdc0efcf93695abc6502c https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-alpha/ https://github.com/zaproxy/zap-extensions/ 2022-04-08 576912 2.11.1 commonlib >= 1.9.0 & < 2.0.0 oast >= 0.7.0 ascanrulesBeta Active scanner rules (beta) The beta status Active Scanner rules ZAP Dev Team 41 ascanrulesBeta-beta-41.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Adding more checks to Hidden File Finder scan rule.</li> <li>The Cloud Metadata scan rule will now be attempted with additional payloads (using DNS not just IPs), and supporting Alibaba.</li> </ul> <h3>Fixed</h3> <ul> <li>False Positive in XSLT Injection where &quot;Microsoft-Azure-Application-Gateway&quot; can be returned in a 403 if the gateway detects an attack.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesBeta-v41/ascanrulesBeta-beta-41.zap SHA-256:703ba1d171a68a5dcdc3acb84d7f800dcc8a8a8282ab2cea362585e618b933a4 https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-beta/ https://github.com/zaproxy/zap-extensions/ 2022-06-08 2079924 2.11.1 commonlib >= 1.7.0 & < 2.0.0 network >= 0.1.0 oast >= 0.7.0 attacksurfacedetector Attack Surface Detector The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing. Secure Decisions (Matthew DeLetto) 1.1.4 attacksurfacedetector-alpha-1.1.4.zap alpha Various incremental changes (see https://github.com/secdec/attack-surface-detector-zap/releases)<br> Fix un-handled exception when target unavailable & address various "house keeping" tasks.<br> https://github.com/zaproxy/zap-extensions/releases/download/2.7/attacksurfacedetector-alpha-1.1.4.zap SHA1:e21758c2cdcbc7806f44cc986a88360457eff82e https://github.com/secdec/attack-surface-detector-zap/wiki https://github.com/secdec/attack-surface-detector-zap/ 2019-03-07 15604948 2.7.0 authstats Authentication Statistics Records logged in/out statistics for all contexts in scope. ZAP Dev Team 2 authstats-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Dynamically unload the add-on.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/authstats-v2/authstats-alpha-2.zap SHA-256:cfb604c27f3a7a58e7b5aa55fe9f19a9ce5561fab3ef7d3f6c72845671fb5dcf https://www.zaproxy.org/docs/desktop/addons/authentication-statistics/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 247499 2.11.0 automation Automation Framework Automation Framework. ZAP Dev Team 0.16.0 automation-beta-0.16.0.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>Show each context URL in its own line when editing in the GUI (Issue 7241).</li> <li>Correct error messages.</li> <li>Wrong API end point reference in help</li> <li>Fix exception when alerts found during active scan no longer exist when creating the data for the report.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/automation-v0.16.0/automation-beta-0.16.0.zap SHA-256:23435dffc7676da929986495dc423289a109918c5b8a379d5f10a0c5e033c828 https://www.zaproxy.org/docs/desktop/addons/automation-framework/ https://github.com/zaproxy/zap-extensions/ 2022-06-22 4183964 2.11.1 beanshell BeanShell Console Provides a BeanShell Console ZAP Dev Team 7 beanshell-beta-7.zap beta <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> <li>Improve permissions and space handling when saving.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/beanshell-v7/beanshell-beta-7.zap SHA-256:0a83cb7d0369ccef50768ccbda1e6c6d82b9f4e3bd9372b38fd32cc21f6a30fb https://www.zaproxy.org/docs/desktop/addons/bean-shell/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 577838 2.11.0 browserView Browser View Adds an option to render HTML responses like a browser ZAP Dev Team 5 browserView-alpha-5.zap alpha Allow to properly scroll the rendered page. https://github.com/zaproxy/zap-extensions/releases/download/2.7/browserView-alpha-5.zap SHA1:0aaf81863ad1011136416b49a05eba3d8b262a02 https://www.zaproxy.org/docs/desktop/addons/browser-view/ https://github.com/zaproxy/zap-extensions/ 2017-11-28 193880 2.4.0 bruteforce Forced Browse Forced browsing of files and directories using code from the OWASP DirBuster tool ZAP Dev Team 11 bruteforce-beta-11.zap beta <h3>Changed</h3> <ul> <li>Send HTTP messages with ZAP, making use of all its features (e.g. user authentication, custom user-agent, HTTP Sender scripts) (Issues 173 and 3060).</li> <li>Now using 2.10 logging infrastructure (Log4j 2.x).</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/bruteforce-v11/bruteforce-beta-11.zap SHA-256:b0713b47c7e16a33d46002382b83ebcdd18bfdf852bf021574378dde49f347fc https://www.zaproxy.org/docs/desktop/addons/forced-browse/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 548895 2.11.0 bugtracker Bug Tracker Bug Tracker extension. ZAP Dev Team 3 bugtracker-alpha-3.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> <li>Remove broken link from the user guide.</li> </ul> <h3>Fixed</h3> <ul> <li>Show correct help page for the options panel.</li> <li>Remove the options panels when the add-on is uninstalled.</li> </ul> <h3>Removed</h3> <ul> <li>Remove unused resource message.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/bugtracker-v3/bugtracker-alpha-3.zap SHA-256:fe11b8ee2c39e374a578b064250563d28901fc3a7d3c4cacaefd69336c6f78a3 https://www.zaproxy.org/docs/desktop/addons/bug-tracker/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 3427588 2.11.0 callgraph Call Graph Allows the user to view a call graph of the selected resources Colm O'Flaherty 5 callgraph-alpha-5.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/callgraph-v5/callgraph-alpha-5.zap SHA-256:0874ce5aad0c4bbf28f72627a4940759d328396e12b7d6a5596f2e41bf24dc4e https://www.zaproxy.org/docs/desktop/addons/call-graph/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 925930 2.11.0 callhome Call Home Handles all of the calls to ZAP services. ZAP Dev Team 0.3.0 callhome-alpha-0.3.0.zap alpha <h3>Added</h3> <ul> <li>More stats, in preparation for them being added to the respective add-ons</li> </ul> <h3>Fixed</h3> <ul> <li>Bugs sending telemetry on shutdown</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/callhome-v0.3.0/callhome-alpha-0.3.0.zap SHA-256:a92078ec3bdf5309ea3688e477789c5f5e82bfc0a503e6e40bc7d0bd8dcd79a6 https://www.zaproxy.org/docs/desktop/addons/call-home/ https://github.com/zaproxy/zap-extensions/ 2022-01-21 317537 2.11.1 codedx Code Dx Extension Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server Code Dx, Inc. 9 codedx-alpha-9.zap alpha <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> <li>Maintenance changes.</li> <li>Change to no longer rely on core report classes, which are going to be deleted.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/codedx-v9/codedx-alpha-9.zap SHA-256:767e0a098de281f0bc880b036a5192f26fe0bb014b81227b385a0b63ca570428 https://www.zaproxy.org/docs/desktop/addons/code-dx/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1769797 2.11.0 commonlib Common Library A common library, for use by other add-ons. ZAP Dev Team 1.9.0 commonlib-release-1.9.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/commonlib-v1.9.0/commonlib-release-1.9.0.zap SHA-256:a269dda47b5c28e1abf9054c0b01c767b6f307a989e30520f8992c9d580e101d https://github.com/zaproxy/zap-extensions/ 2022-03-21 4077357 2.11.1 communityScripts Community Scripts Useful ZAP scripts written by the ZAP community. ZAP Community 14 communityScripts-alpha-14.zap alpha <h3>Added</h3> <ul> <li>variant/CompoundCookies.js - An input vector script that handles splitting of compound cookies (Issue 6582).</li> <li>active/corsair.py &gt; An active scan script to check for CORS related issues.)</li> <li>payloadgenerator/securerandom.js &gt; A fuzzer payload generator script that uses Java's SecureRandom as it's source (related to issue 6892).</li> <li>active/bxss.py &gt; an active scan script for inject blind xss payloads to the parameters</li> </ul> https://github.com/zaproxy/community-scripts/releases/download/v14/communityScripts-alpha-14.zap SHA-256:4bf08142cee557697c6d4d353318433590230e6b701f67c5bcdcd8b5ed38dbd4 https://www.zaproxy.org/docs/desktop/addons/community-scripts/ https://github.com/zaproxy/community-scripts/ 2021-11-01 447827 2.11.0 coreLang Core Language Files Translations of the core language files ZAP Dev Team 15 coreLang-release-15.zap release <h3>Changed</h3> <ul> <li>Update the languages files from Crowdin.</li> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/coreLang-v15/coreLang-release-15.zap SHA-256:d8258b914ffc95820dd045acf56677668a8cbbfc759290f72e30210056dfb88c https://crowdin.com/project/owasp-zap https://github.com/zaproxy/zap-extensions/ 2022-02-14 4616009 2.11.1 custompayloads Custom Payloads Ability to add, edit or remove payloads that are used i.e. by active scanners ZAP Dev Team 0.11.0 custompayloads-alpha-0.11.0.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/custompayloads-v0.11.0/custompayloads-alpha-0.11.0.zap SHA-256:84d01dbfe0739ee70acd8286916e0106595ceb550e7793925ce48a2db6477383 https://www.zaproxy.org/docs/desktop/addons/custom-payloads/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 234832 2.11.0 diff Diff Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch ZAP Dev Team 11 diff-beta-11.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> <li>Updated menu items to use title caps (Issue 2000).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/diff-v11/diff-beta-11.zap SHA-256:a3ae6f59d98e28112f4a5e2616bfaca48823af746affa1729f32eaa1d7398aaa https://www.zaproxy.org/docs/desktop/addons/diff/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 282304 2.11.0 directorylistv1 Directory List v1.0 List of directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 5 directorylistv1-release-5.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv1-v5/directorylistv1-release-5.zap SHA-256:c1c0e14aac2ce203bdfd3a038f9b9dcf0b498f404936c3ff96e5a4614f611b9f https://www.zaproxy.org/docs/desktop/addons/directory-list-v1.0/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 960428 2.11.0 directorylistv2_3 Directory List v2.3 Lists of directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 4 directorylistv2_3-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3-v4/directorylistv2_3-release-4.zap SHA-256:3a8b04b9363b57acd9cf8cd67abce4c630f986e2b492a1ebd01eaa9587a0a199 https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 8722229 2.11.0 directorylistv2_3_lc Directory List v2.3 LC Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 4 directorylistv2_3_lc-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3_lc-v4/directorylistv2_3_lc-release-4.zap SHA-256:2603580ba53673c31800ef7373e7cc09de759369b6f8fb43cc9e5024ad5d9af4 https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3-lc/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 7569974 2.11.0 domxss DOM XSS Active scanner rule DOM XSS Active scanner rule Aabha Biyani, ZAP Dev Team 12 domxss-beta-12.zap beta <h3>Changed</h3> <ul> <li>Dependency updates.</li> </ul> <h3>Added</h3> <ul> <li>Functionality for example alert handling in order to assist in documentation efforts.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/domxss-v12/domxss-beta-12.zap SHA-256:0bc30e0b2dbbea1a926e030fa8af2a95be8e5140e4bc8b99e9588886c31cbdd6 https://www.zaproxy.org/docs/desktop/addons/dom-xss-active-scan-rule/ https://github.com/zaproxy/zap-extensions/ 2021-12-06 268685 2.11.0 commonlib >= 1.5.0 & < 2.0.0 selenium 15.* encoder Encoder Adds encode/decode/hash dialog and support for scripted processors as well ZAP Dev Team 0.6.0 encoder-beta-0.6.0.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Removed</h3> <ul> <li>Groovy default template moved to Groovy add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/encoder-v0.6.0/encoder-beta-0.6.0.zap SHA-256:1615f183c89245b187b729a3e33ccc16dd43a39fa3fb0b0b94f719b649930eb4 https://www.zaproxy.org/docs/desktop/addons/encode-decode-hash/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 388487 2.11.0 evalvillain Eval Villain Adds the Eval Villain extension to Firefox when launched from ZAP. Dennis Goodlett and the ZAP Dev Team 0.1.1 evalvillain-alpha-0.1.1.zap alpha <h3>Fixed</h3> <ul> <li>Fix the downloaded version of the Eval Villain Firefox extension.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/evalvillain-v0.1.1/evalvillain-alpha-0.1.1.zap SHA-256:b0932f4f8fec19bf0dfae1dbe3668bbdadc6092707ea360216e37fdc8ae457cd https://www.zaproxy.org/docs/desktop/addons/eval-villain/ https://github.com/zaproxy/zap-extensions/ 2022-02-15 4943171 2.11.1 selenium >=15.5.0 exim Import/Export Import and Export functionality ZAP Dev Team & thatsn0tmysite 0.1.0 exim-beta-0.1.0.zap beta <h3>Changed</h3> <ul> <li>Reduce logging and display a warning dialog when unable to read files being imported (Issue 7081).</li> <li>Promoted to Beta.</li> </ul> <h3>Added</h3> <ul> <li>Importing a file of URLs or HAR is now displayed in the progress panel provided via commonlib.</li> <li>Automation Framework (Issue 7078).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/exim-v0.1.0/exim-beta-0.1.0.zap SHA-256:e7ed40e073b7bf355d2eabe55641651e63f73770e485d1586d7c423827a181b0 https://www.zaproxy.org/docs/desktop/addons/import-export/ https://github.com/zaproxy/zap-extensions/ 2022-03-07 356202 2.11.1 commonlib >= 1.8.0 & < 2.0.0 fileupload FileUpload Detect File upload requests and scan them to find related vulnerabilities KSASAN preetkaran20@gmail.com 1.1.0 fileupload-alpha-1.1.0.zap alpha https://github.com/zaproxy/zap-extensions/releases/download/2.7/fileupload-alpha-1.1.0.zap SHA-256:47f2d93c6a53c55983056af282ebef09e80d27c0980517a73347778ad9e47932 https://github.com/SasanLabs/owasp-zap-fileupload-addon/ 2021-09-17 77520 2.11.0 formhandler Form Handler This Form Handler Add-on allows a user to define field names and values to be used in a form's fields. Fields can be added, modified, enabled, and deleted for use in form fields. ZAP Dev Team 4 formhandler-beta-4.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/formhandler-v4/formhandler-beta-4.zap SHA-256:d59d0d438d70cbc66e5785b756c6575ffa58c49e58e5585e31d6ddc45fc7d1c3 https://www.zaproxy.org/docs/desktop/addons/form-handler/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 2199004 2.11.0 fuzz Fuzzer Advanced fuzzer for manual testing ZAP Dev Team 13.6.0 fuzz-beta-13.6.0.zap beta <h3>Added</h3> <ul> <li>An option to edit the selected message - note this will clear any defined fuzz locations</li> <li>Fuzzer statistics</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/fuzz-v13.6.0/fuzz-beta-13.6.0.zap SHA-256:3944f5c80a5679db9e749d93c88c6c6458c097cf44e8804408ec6bead25b618f https://www.zaproxy.org/docs/desktop/addons/fuzzer/ https://github.com/zaproxy/zap-extensions/ 2022-01-14 1980132 2.11.1 fuzzdb FuzzDB Files FuzzDB files which can be used with the ZAP fuzzer ZAP Dev Team 8 fuzzdb-release-8.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Terminology</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/fuzzdb-v8/fuzzdb-release-8.zap SHA-256:0b65cee3aa65e5dc11cbb83ed5d13ba1dcb330278fb2f8cc7d6957680b1e17c6 https://www.zaproxy.org/docs/desktop/addons/fuzzdb-files/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 6167276 2.11.0 fuzzdboffensive FuzzDB Offensive FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing ZAP Dev Team 4 fuzzdboffensive-release-4.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.10.0.</li> </ul> https://github.com/zaproxy/fuzzdb-offensive/releases/download/v4/fuzzdboffensive-release-4.zap SHA-256:06bf75d2745c8f6e9a861597a31bab2d3f96058a3c497539a3ba234c687e796a https://www.zaproxy.org/docs/desktop/addons/fuzzdb-offensive/ https://github.com/zaproxy/fuzzdb-offensive/ 2021-06-11 414373 2.10.0 gettingStarted Getting Started with ZAP Guide A short Getting Started with ZAP Guide ZAP Dev Team 13 gettingStarted-release-13.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Updated for 2.11.0</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/gettingStarted-v13/gettingStarted-release-13.zap SHA-256:3eea769ec19f28c2ac7e924f5c77dbd1c3c59f40f409a1fcd3bf97cebdfd36ad https://www.zaproxy.org/docs/desktop/addons/getting-started-guide/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 707048 2.11.0 graaljs GraalVM JavaScript Provides the GraalVM JavaScript engine for ZAP scripting. ZAP Dev Team 0.2.0 graaljs-alpha-0.2.0.zap alpha <h3>Added</h3> <ul> <li>encode-decode Default and rot13 templates.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update links to zaproxy repo.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/graaljs-v0.2.0/graaljs-alpha-0.2.0.zap SHA-256:6201ffc802a1d4922a4f2b5ea38f58a7332a5638e3719f4796efba375aa15045 https://github.com/zaproxy/zap-extensions/ 2021-10-06 20440785 2.11.0 graphql GraphQL Support Inspect and attack GraphQL endpoints. ZAP Dev Team 0.9.0 graphql-alpha-0.9.0.zap alpha <h3>Changed</h3> <ul> <li>Replace variables present in <code>schemaFile</code> when running the automation job.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/graphql-v0.9.0/graphql-alpha-0.9.0.zap SHA-256:62a7c426bc7659e4ed47fa4180549946d7c8a0a49f39c6c88acc7f6c8afd4306 https://www.zaproxy.org/docs/desktop/addons/graphql-support/ https://github.com/zaproxy/zap-extensions/ 2022-04-05 22089194 2.11.1 groovy Groovy Support Adds Groovy support to ZAP ZAP Dev Team 3.1.0 groovy-beta-3.1.0.zap beta <h3>Added</h3> <ul> <li>encode-decode default template.</li> </ul> <h3>Changed</h3> <ul> <li>Update links to zaproxy and zap-extensions repos.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/groovy-v3.1.0/groovy-beta-3.1.0.zap SHA-256:ee208309c6b9619f6527a05f48949e38e1476f2b3fa7c6e32fbd1111f4bdac58 https://www.zaproxy.org/docs/desktop/addons/groovy-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 19006812 2.11.0 help Help - English English version of the ZAP help file. ZAP Crowdin Team 14 help-release-14.zap release <h3>Changed</h3> <ul> <li>Updated 2.11.1 release notes.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help-v14/help-release-14.zap SHA-256:b9a0927ce7a80df42b28b40beafad0ecfa34e45d628b302cf93e0bc825d93ee8 https://www.zaproxy.org/docs/desktop/ https://github.com/zaproxy/zap-core-help/ 2021-12-10 875420 2.10.0 help_ar_SA Help - Arabic Arabic version of the ZAP help file. ZAP Crowdin Team 1 help_ar_SA-alpha-1.zap alpha <ul> <li>First version.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ar_SA-v1/help_ar_SA-alpha-1.zap SHA-256:8208b0c788d5e29a2bb34f3c44c07db613faefb17d8d9cfb60adc02629c2b3f1 https://github.com/zaproxy/zap-core-help/ 2022-01-18 649333 2.11.0 help_bs_BA Help - Bosnian Bosnian version of the ZAP help file. ZAP Crowdin Team 9 help_bs_BA-alpha-9.zap alpha Updated with the latest files from crowdin https://github.com/zaproxy/zap-extensions/releases/download/2.7/help_bs_BA-alpha-9.zap SHA1:d33a3277e877da4734e6bf9c911c61c4e6ce2f3f 2018-02-08 747536 2.7.0 help_es_ES Help - Spanish Spanish version of the ZAP help file. ZAP Crowdin Team 10 help_es_ES-release-10.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_es_ES-v10/help_es_ES-release-10.zap SHA-256:63cc24e180374cf038d6aefe31b3f62e170437958ad61d2d3e65d2722fbedc1a https://github.com/zaproxy/zap-core-help/ 2022-01-18 697066 2.11.0 help_fil_PH Help - Filipino Filipino version of the ZAP help file. ZAP Crowdin Team 3 help_fil_PH-alpha-3.zap alpha <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_fil_PH-v3/help_fil_PH-alpha-3.zap SHA-256:64bbeb0f9404b70c0d49e9fd5da789b8d3902a20f518c7305eb412242831a180 https://github.com/zaproxy/zap-core-help/ 2022-01-18 710027 2.11.0 help_fr_FR Help - French French version of the ZAP help file. ZAP Crowdin Team 10 help_fr_FR-alpha-10.zap alpha <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_fr_FR-v10/help_fr_FR-alpha-10.zap SHA-256:f1ede9441e5de48170fdef598eb543ef6ad0813eed2e838d2c4803ea114fcb1a https://github.com/zaproxy/zap-core-help/ 2022-01-18 646717 2.11.0 help_id_ID Help - Indonesian Indonesian version of the ZAP help file. ZAP Crowdin Team 3 help_id_ID-beta-3.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_id_ID-v3/help_id_ID-beta-3.zap SHA-256:ef50363872d783c3c49417bc821b28256cf35d8390004c48f6d4e030ceb8a7c5 https://github.com/zaproxy/zap-core-help/ 2022-01-18 671009 2.11.0 help_ja_JP Help - Japanese Japanese version of the ZAP help file. ZAP Crowdin Team 10 help_ja_JP-beta-10.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ja_JP-v10/help_ja_JP-beta-10.zap SHA-256:11d310352e8719fe50587c5b97dd5eeb3a2e2ab23e450a7c1d0fad013d003536 https://github.com/zaproxy/zap-core-help/ 2022-01-18 661964 2.11.0 help_ms_MY Help - Malay Malay version of the ZAP help file. ZAP Crowdin Team 1 help_ms_MY-alpha-1.zap alpha <ul> <li>First version.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ms_MY-v1/help_ms_MY-alpha-1.zap SHA-256:6407990b8ebaa2e401c3addc47081c742ab7fce25cec107ef49b4e627ad3ceae https://github.com/zaproxy/zap-core-help/ 2022-01-18 636908 2.11.0 help_pt_BR Help - Portuguese, Brazilian Portuguese, Brazilian version of the ZAP help file. ZAP Crowdin Team 11 help_pt_BR-release-11.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_pt_BR-v11/help_pt_BR-release-11.zap SHA-256:3fdf92763c1c851848df6b3588c97bbeb22837002351fd00c8208d8ab01ff710 https://github.com/zaproxy/zap-core-help/ 2022-01-18 682092 2.11.0 help_ru_RU Help - Russian Russian version of the ZAP help file. ZAP Crowdin Team 2 help_ru_RU-release-2.zap release <h3>Changed</h3> <ul> <li>Promote to Release</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ru_RU-v2/help_ru_RU-release-2.zap SHA-256:3fd5d8e6af7453a3a16e7c38a19ec941a330d0fd050f562ecebdc4638ae52c80 https://github.com/zaproxy/zap-core-help/ 2022-02-24 779171 2.11.0 help_tr_TR Help - Turkish Turkish version of the ZAP help file. ZAP Crowdin Team 2 help_tr_TR-release-2.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_tr_TR-v2/help_tr_TR-release-2.zap SHA-256:a92b43beab5e196341d8ddf40d594f1596c225c74f0f5b9280e223acc9a8535c https://github.com/zaproxy/zap-core-help/ 2022-01-18 710766 2.11.0 help_zh_CN Help - Chinese Simplified Chinese Simplified version of the ZAP help file. ZAP Crowdin Team 3 help_zh_CN-beta-3.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_zh_CN-v3/help_zh_CN-beta-3.zap SHA-256:959b718a307ca32c7807c0d327533765eeb6a0a799b9bc98a2a1e22b3b47bc5a https://github.com/zaproxy/zap-core-help/ 2022-01-18 656718 2.11.0 highlighter Highlighter Allows you to highlight strings in the request and response tabs. ZAP Dev Team 8 highlighter-alpha-8.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/highlighter-v8/highlighter-alpha-8.zap SHA-256:4c4852bb2f42eb20dbe19a091e9025667947c73967a65770658333bedd01fccf https://www.zaproxy.org/docs/desktop/addons/highlighter/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 115527 2.11.0 hud HUD - Heads Up Display Display information from ZAP in browser. ZAP Dev Team 0.13.0 hud-beta-0.13.0.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Clarify resend tutorial instructions. <a href="https://github.com/zaproxy/zap-hud/issues/861">#861</a></li> <li>Update dependencies.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix typo in tutorial.</li> <li>Added initial accessibility fixes for modals and tabs</li> </ul> https://github.com/zaproxy/zap-hud/releases/download/v0.13.0/hud-beta-0.13.0.zap SHA-256:06bdf1f9ef0c7f1f55cdd1d5eb9c9ba1a53903b8a3a26224c941d7bb9f18c8ef https://www.zaproxy.org/docs/desktop/addons/hud/ https://github.com/zaproxy/zap-hud/ 2021-10-06 1380404 2.11.0 websocket imagelocationscanner Image Location and Privacy Scanner Image Location and Privacy Passive Scanner Jay Ball (veggiespam) and the ZAP Dev Team 3 imagelocationscanner-beta-3.zap beta <h3>Added</h3> <ul> <li>OWASP Top Ten 2021/2017 mappings.</li> <li>Example alert to support documentation efforts.</li> </ul> <h3>Changed</h3> <ul> <li>Update link to repository.</li> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/imagelocationscanner-v3/imagelocationscanner-beta-3.zap SHA-256:0bcf856acad95336f03a72fded0775470fcfdc5d82af2a2ddfb3c6fad03b04e1 https://www.zaproxy.org/docs/desktop/addons/image-location-and-privacy-scanner/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1135956 2.11.0 commonlib >= 1.5.0 & < 2.0.0 importLogFiles Log File Importer Allows you to import log files from ModSecurity and files previously exported from ZAP Joseph Kirwin, ZAP Dev Team 6 importLogFiles-alpha-6.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/importLogFiles-v6/importLogFiles-alpha-6.zap SHA-256:8e9383c3c8f13abbb98e4726cff2d0843e350e9214dd89c74778a46d679711a2 https://www.zaproxy.org/docs/desktop/addons/log-file-importer/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 156767 2.11.1 exim importurls Import files containing URLs Adds an option to import a file of URLs. The file must be plain text with one URL per line. ZAP Dev Team 9 importurls-beta-9.zap beta <h3>Retired</h3> <ul> <li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/importurls-v9/importurls-beta-9.zap SHA-256:1dd3602a9fa88ff2834643556226fd2129561abf217d8b4ac0d7281e55be06ee https://www.zaproxy.org/docs/desktop/addons/import-urls/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 231139 2.11.1 exim invoke Invoke Applications Invoke external applications passing context related information such as URLs and parameters ZAP Dev Team 11 invoke-beta-11.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/invoke-v11/invoke-beta-11.zap SHA-256:088ed335a7dbe1ad1569fc249e1a395f1957e39598c6d4d648cdc49780cb71fc https://www.zaproxy.org/docs/desktop/addons/invoke-applications/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 322829 2.11.0 jruby Ruby Scripting Allows Ruby to be used for ZAP scripting - templates included ZAP Dev Team 8 jruby-beta-8.zap beta <h3>Changed</h3> <ul> <li>Update links to zaproxy repo.</li> <li>Rename reliability to confidence in active/passive templates.</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jruby-v8/jruby-beta-8.zap SHA-256:f5bb450a165f6c407b8d24f7b2776bdc7a2edb0b4b42aea385f8a6ad1ae605ca https://www.zaproxy.org/docs/desktop/addons/ruby-scripting/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 21968128 2.11.0 jsonview JSON View Adds a view that shows JSON messages nicely formatted Juha Kivekäs 2 jsonview-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add the main context menu to the JSON view.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Capitalize the view dropdown menu entry (related to Issue 2000).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jsonview-v2/jsonview-alpha-2.zap SHA-256:49fd8995eac7724e5a60f7b6d7f10cfb617f3f083b6f23406075631ba23c7ebc https://www.zaproxy.org/docs/desktop/addons/json-view/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 119886 2.11.0 jwt JWT Support Detect JWT requests and scan them to find related vulnerabilities KSASAN preetkaran20@gmail.com 1.0.2 jwt-alpha-1.0.2.zap alpha <ul> <li>First version of JWT Support. <ul> <li>Contains scanning rules for basic JWT related vulnerabilities.</li> <li>Contains JWT Fuzzer for fuzzing the JWT's present in the request.</li> </ul> </li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/2.7/jwt-alpha-1.0.2.zap SHA-256:f35af7bb3fbb88ae3da5ab0ac7a5c562463dfab521f3e54c7194b44358f793b3 https://github.com/SasanLabs/owasp-zap-jwt-addon/ 2022-01-22 751195 2.11.1 commonlib fuzz 13.* jython Python Scripting Allows Python to be used for ZAP scripting - templates included ZAP Dev Team 12 jython-beta-12.zap beta <h3>Added</h3> <ul> <li>encode-decode default and rot13 templates.</li> </ul> <h3>Changed</h3> <ul> <li>Update links to zaproxy repo.</li> <li>Rename reliability to confidence in active/passive templates.</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jython-v12/jython-beta-12.zap SHA-256:4519b862edf8f006c429c86b0152ade561b660ae6f74cfce684b272f4fe28ef1 https://www.zaproxy.org/docs/desktop/addons/python-scripting/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 43312397 2.11.0 kotlin Kotlin Support Allows Kotlin to be used for ZAP scripting StackHawk Engineering 1.1.0 kotlin-alpha-1.1.0.zap alpha <h3>Changed</h3> <ul> <li>Use appropriate syntax style for highlighting of code.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/kotlin-v1.1.0/kotlin-alpha-1.1.0.zap SHA-256:85a47ea7199b77cfb09081302c277de2ba5e2102ef79907573ebcfa6425302e9 https://www.zaproxy.org/docs/desktop/addons/kotlin-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 48865539 2.11.0 neonmarker Neonmarker Colors history table items based on tags Juha Kivekäs, Kingthorin 1.4.0 neonmarker-alpha-1.4.0.zap alpha <h3>Changed</h3> <ul> <li>Add red/green icon to Enable/Disable toggle button.</li> <li>Maintenance changes.</li> <li>Now targeting ZAP 2.10.</li> <li>Ensure added color mappings are unique (Issue 11). Only applies when mappings are added programmatically, a user can still define the same mapping multiple times via the GUI (hopefully they'll recognize the inefficiency of doing so).</li> </ul> https://github.com/kingthorin/neonmarker/releases/download/v1.4.0/neonmarker-alpha-1.4.0.zap SHA-256:46947eea7130298c765bf089147fa54a9e1353a57a2033829aded3947a118d55 https://www.zaproxy.org/docs/desktop/addons/neonmarker/ https://github.com/kingthorin/neonmarker 2021-08-26 28259 2.10.0 network Network Provides core networking capabilities. ZAP Dev Team 0.2.0 network-alpha-0.2.0.zap alpha <h3>Added</h3> <ul> <li>On weekly releases and versions after 2.11: <ul> <li>Management of local servers/proxies, supersedes core functionality;</li> <li>Configuration of aliases for the servers/proxies (<a href="https://github.com/zaproxy/zaproxy/issues/3594">Issue 3594</a>);</li> <li>Pass-through connections (<a href="https://github.com/zaproxy/zaproxy/issues/6832">Issue 6832</a>).</li> </ul> </li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/network-v0.2.0/network-alpha-0.2.0.zap SHA-256:9684a67a6bdf2d221f85fb86ff7cb3c1a4aefda4f7fda4a715f5dfa182fcbbd9 https://www.zaproxy.org/docs/desktop/addons/network/ https://github.com/zaproxy/zap-extensions/ 2022-04-06 17892519 2.11.1 oast OAST Support Allows you to exploit out-of-band vulnerabilities ZAP Dev Team 0.10.0 oast-alpha-0.10.0.zap alpha <h3>Added</h3> <ul> <li>The following two statistics for each OAST service: <ul> <li><code>stats.oast.&lt;service&gt;.payloadsGenerated</code></li> <li><code>stats.oast.&lt;service&gt;.interactions</code></li> </ul> </li> </ul> <h3>Changed</h3> <ul> <li>Use Network add-on to serve callback requests.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/oast-v0.10.0/oast-alpha-0.10.0.zap SHA-256:b4b4b4defc01b14675ce1f4d6dadbfaa118ec06456162bb00a585735d9a95526 https://www.zaproxy.org/docs/desktop/addons/oast-support/ https://github.com/zaproxy/zap-extensions/ 2022-02-18 773485 2.11.1 network >= 0.1.0 onlineMenu Online menus ZAP Online menu items ZAP Dev Team 9 onlineMenu-release-9.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/onlineMenu-v9/onlineMenu-release-9.zap SHA-256:14d46e64178caf551462eb77478002ba08946ff639a1a52007527c41fd85bbee https://www.zaproxy.org/docs/desktop/addons/online-menu/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 208120 2.11.0 openapi OpenAPI Support Imports and spiders OpenAPI definitions. ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions 27 openapi-beta-27.zap beta <h3>Added</h3> <ul> <li>Support content field (JSON) in parameters (Issue 6166).</li> </ul> <h3>Changed</h3> <ul> <li>Now depends on commonlib for display of import progress (Issue 6783).</li> <li>Dependency updates.</li> </ul> <h3>Fixed</h3> <ul> <li>Properly generate Content-Type header when in presence of more than one supported content (Issue 7082).</li> <li>Quote provided string values in JSON content (Issue 7128).</li> <li>Properly handle empty default values in server variables.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/openapi-v27/openapi-beta-27.zap SHA-256:e96bd5791496cdc72951bd59869618a88932b50775a1c08b1371c6e12294d983 https://www.zaproxy.org/docs/desktop/addons/openapi-support/ https://github.com/zaproxy/zap-extensions/ 2022-03-29 12169396 2.11.1 commonlib >= 1.8.0 & < 2.0.0 packpentester Collection: Pentester Pack A collection of add-ons ideal for pentesters ZAP Dev Team 0.1.0 packpentester-alpha-0.1.0.zap alpha <h3>Fixed</h3> <ul> <li>Corrected fuzz add-on name</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/packpentester-v0.1.0/packpentester-alpha-0.1.0.zap SHA-256:0b8e7e4ddffdcacf46fdf9793bf84217738e281cbd5ccac732788c4b768d069c https://www.zaproxy.org/docs/desktop/addons/collection-pentester-pack/ https://github.com/zaproxy/zap-extensions/ 2022-05-12 6792 2.11.1 accessControl attacksurfacedetector custompayloads evalvillain fileupload fuzz fuzzdb jsonview jwt requester viewstate wappalyzer packscanrules Collection: Scan Rules Pack All of the add-ons just containing release, beta and alpha status scan rules ZAP Dev Team 0.0.1 packscanrules-alpha-0.0.1.zap alpha <p>First version.</p> https://github.com/zaproxy/zap-extensions/releases/download/packscanrules-v0.0.1/packscanrules-alpha-0.0.1.zap SHA-256:5ad68f153379bd96f36a7bead61e884cc42e1409cdd262dffc682b5f7bf92da4 https://www.zaproxy.org/docs/desktop/addons/collection-scan-rules-pack/ https://github.com/zaproxy/zap-extensions/ 2022-05-13 9244 2.11.1 ascanrules ascanrulesAlpha ascanrulesBeta domxss pscanrules pscanrulesAlpha pscanrulesBeta retire plugnhack Plug-n-Hack Configuration Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack. ZAP Dev Team 12 plugnhack-beta-12.zap beta <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Issue 2000 - Updated strings shown in context menu with title caps.</li> <li>Change info URL to link to the site.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/plugnhack-v12/plugnhack-beta-12.zap SHA-256:9a1cc0e664629e9f6aabdc1a2c13b800112bdc8b35b0cc4b375a011eb2430b49 https://www.zaproxy.org/docs/desktop/addons/plug-n-hack/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 729770 2.11.0 portscan Port Scanner Allows to port scan a target server ZAP Dev Team 9 portscan-beta-9.zap beta <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update default values in the options to match the ones in the default configuration file.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/portscan-v9/portscan-beta-9.zap SHA-256:be85aac379e3415ccd771b983ac52d208e5ddeb5b5e591fab047e97a895b2dfb https://www.zaproxy.org/docs/desktop/addons/port-scan/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 714392 2.11.0 pscanrules Passive scanner rules The release status Passive Scanner rules ZAP Dev Team 41 pscanrules-release-41.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>The &quot;Viewstate without MAC Signature (Unsure)&quot; alert will now only be raised at Low Alert Threshold (Issue 7230).</li> <li>The Content Security Policy scan rule will now alert when &quot;unsafe-hashes&quot; are allowed.</li> </ul> <h3>Fixed</h3> <ul> <li>Correct parameter and evidence for Cookie without SameSite Attribute when SAMESITE was set to None (Issue 7358).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrules-v41/pscanrules-release-41.zap SHA-256:7d266cad2ac3bd691ec4cb8637be4e5cdc38861e4aced1196e257394b343bb9e https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/ https://github.com/zaproxy/zap-extensions/ 2022-06-24 1231843 2.11.1 commonlib >= 1.7.0 & < 2.0.0 pscanrulesAlpha Passive scanner rules (alpha) The alpha status Passive Scanner rules ZAP Dev Team 35 pscanrulesAlpha-alpha-35.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Added</h3> <ul> <li>OWASP Web Security Testing Guide v4.2 mappings where applicable.</li> <li>Sub Resource Integrity Attribute Missing scan rule will now include the suggested integrity hash (Base64 encoded SHA384 hash) as part of the relevant Alert's Other Info details if the referenced script can be found in the Sites Tree (Issue 5894).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesAlpha-v35/pscanrulesAlpha-alpha-35.zap SHA-256:0f94d35c66b52642cf438311b301d439cddeb192f4d5582995220a2cf6c39e05 https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-alpha/ https://github.com/zaproxy/zap-extensions/ 2021-12-01 651755 2.11.0 commonlib >= 1.6.0 & < 2.0.0 pscanrulesBeta Passive scanner rules (beta) The beta status Passive Scanner rules ZAP Dev Team 29 pscanrulesBeta-beta-29.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> </ul> <h3>Removed</h3> <ul> <li>Content Security Policy (CSP) Header Not Set scan rule promoted to release.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesBeta-v29/pscanrulesBeta-beta-29.zap SHA-256:c03ea666858a108eff51cfd4e7cd141d172755e3a335ae0ed297707819d6769f https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-beta/ https://github.com/zaproxy/zap-extensions/ 2022-04-05 1021476 2.11.1 commonlib >= 1.7.0 & < 2.0.0 quickstart Quick Start Provides a tab which allows you to quickly test a target application ZAP Dev Team 33 quickstart-release-33.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Browser Launch/Manual Explore will now display a warning dialog if the selected browser executable cannot be found (Issue 6963).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/quickstart-v33/quickstart-release-33.zap SHA-256:21ff2127d865b5204b4e09b50e9615bd4435823e3b8503ac5f731d5abbe6084e https://www.zaproxy.org/docs/desktop/addons/quick-start/ https://github.com/zaproxy/zap-extensions/ 2021-12-13 617848 2.11.1 callhome >= 0.0.1 network >= 0.0.1 reports >= 0.4.0 reflect Reflect Finds reflected parameters Caleb Kinney 0.0.11 reflect-alpha-0.0.11.zap alpha https://github.com/zaproxy/zap-extensions/releases/download/2.7/reflect-alpha-0.0.11.zap SHA-256:c45307037042e4079546a5fcb17d1165475e5cdd5ba7e8abc0d2cf0a14866466 2021-02-19 1780219 2.9.0 regextester Regular Expression Tester Allows to test Regular Expressions ZAP Dev Team 2 regextester-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Close dialogues when the add-on is uninstalled.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/regextester-v2/regextester-alpha-2.zap SHA-256:b4706709c16a45e8bedc0bd6f28dd09532d5dbf3f1fe2c2853e20dbf6160a584 https://www.zaproxy.org/docs/desktop/addons/regular-expression-tester/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 159441 2.11.0 replacer Replacer Easy way to replace strings in requests and responses. ZAP Dev Team 9 replacer-beta-9.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update links to zaproxy repo.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/replacer-v9/replacer-beta-9.zap SHA-256:0950fac81a04e0bb791fa514aac145e05fd3483f95584dd00d880157f65c12e3 https://www.zaproxy.org/docs/desktop/addons/replacer/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 334557 2.11.0 reports Report Generation Official ZAP Reports. ZAP Dev Team 0.14.0 reports-release-0.14.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>Exceptions when generating some reports without the Automation add-on being installed.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/reports-v0.14.0/reports-release-0.14.0.zap SHA-256:bdb1859345e8b44a2d11f70d816d78a6fe781cdbccd7eb35557bc32769fd3c24 https://www.zaproxy.org/docs/desktop/addons/report-generation/ https://github.com/zaproxy/zap-extensions/ 2022-06-22 66962107 2.11.1 requester Requester Request numbered panel. Surikato 6 requester-alpha-6.zap alpha <h3>Added</h3> <ul> <li>Support for renaming tabs.</li> <li>More help.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> <li>Moved Help button to the Response tab.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/requester-v6/requester-alpha-6.zap SHA-256:3d3e1aff47fc1446c6e25b8c718e276ee4bff9627e85743379a95e194140c77f https://www.zaproxy.org/docs/desktop/addons/requester/ https://github.com/zaproxy/zap-extensions/ 2022-05-10 165379 2.11.1 retest Retest An add-on to retest for presence/absence of previously generated alerts. ZAP Dev Team 0.2.0 retest-alpha-0.2.0.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/retest-v0.2.0/retest-alpha-0.2.0.zap SHA-256:b2fca87abb96b6e3748b3d834e6dd3e0f5cfbc2fede6c20b82cf157d87cbf2bf https://www.zaproxy.org/docs/desktop/addons/retest/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 254909 2.11.0 automation >=0.6.0 retire Retire.js Retire.js Nikita Mundhada and the ZAP Dev Team 0.12.0 retire-release-0.12.0.zap release <h3>Changed</h3> <ul> <li>Updated with upstream retire.js pattern changes.</li> <li>Relevant CVEs will now be added as Alert Tags when available.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/retire-v0.12.0/retire-release-0.12.0.zap SHA-256:3ea093c8f4de6944a296b3655b79f38ecf62a8a147dd7f383f226ee128e5a342 https://www.zaproxy.org/docs/desktop/addons/retire.js/ https://github.com/zaproxy/zap-extensions/ 2022-05-26 1210654 2.11.1 commonlib >= 1.7.0 & < 2.0.0 reveal Reveal Show hidden fields and enable disabled fields ZAP Dev Team 4 reveal-release-4.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/reveal-v4/reveal-release-4.zap SHA-256:b8f1e971ae15df7aab3d896ad88a4f503971db24fcff86d92fb243c476fc4f01 https://www.zaproxy.org/docs/desktop/addons/reveal/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 237540 2.11.0 revisit Revisit Revisit a site at any time in the past using the session history ZAP Dev Team 4 revisit-alpha-4.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> <li>Maintenance changes.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/revisit-v4/revisit-alpha-4.zap SHA-256:445bb2a98e06d4ecc945c35c2777dae1b1e5b6ea20de78b920c8004bc3615195 https://www.zaproxy.org/docs/desktop/addons/revisit/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 299864 2.11.0 saml SAML Support Detect, Show, Edit, Fuzz SAML requests ZAP Dev Team 9 saml-alpha-9.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/saml-v9/saml-alpha-9.zap SHA-256:37c167b76115a7a0710b1e8940591797da170961ca69f517c66a25b16712cb1a https://www.zaproxy.org/docs/desktop/addons/saml-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1809830 2.11.0 saverawmessage Save Raw Message Allows to save content of HTTP messages as binary ZAP Dev Team 7 saverawmessage-release-7.zap release <h3>Retired</h3> <ul> <li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/saverawmessage-v7/saverawmessage-release-7.zap SHA-256:530e0c46d30c9aeb0a6b4cc4fbb3d3083db0337cbb88ac0db96271076b9ec48b https://www.zaproxy.org/docs/desktop/addons/save-raw-message/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 23464 2.11.1 exim savexmlmessage Save XML Message Allows to save content of HTTP messages as XML thatsn0tmysite 0.3.0 savexmlmessage-alpha-0.3.0.zap alpha <h3>Retired</h3> <ul> <li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/savexmlmessage-v0.3.0/savexmlmessage-alpha-0.3.0.zap SHA-256:0a73d4d8f07a5e7c1e9140b22faa63fb3fbb51fb88d5e33ff297723564c0c79d https://www.zaproxy.org/docs/desktop/addons/save-xml-message/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 6034 2.11.1 exim scripts Script Console Supports all JSR 223 scripting languages ZAP Dev Team 30 scripts-beta-30.zap beta <h3>Added</h3> <ul> <li>Automation ScriptJob - Add or remove any script and run a standalone script</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/scripts-v30/scripts-beta-30.zap SHA-256:990819681db37ce24c346dc93e8065e226a3edaa0bf2a7b8986fa66b51a87d1a https://www.zaproxy.org/docs/desktop/addons/script-console/ https://github.com/zaproxy/zap-extensions/ 2022-02-25 714448 2.11.1 selenium Selenium WebDriver provider and includes HtmlUnit browser ZAP Dev Team 15.9.0 selenium-release-15.9.0.zap release <h3>Changed</h3> <ul> <li>Use Network add-on to obtain main proxy address/port.</li> </ul> <h3>Fixed</h3> <ul> <li>Restore usage of bundled ChromeDriver (<a href="https://github.com/zaproxy/zaproxy/issues/7272">Issue #7272</a>).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/selenium-v15.9.0/selenium-release-15.9.0.zap SHA-256:297114535a2e2973d96fcb18bc686cf46991386d3ccdb8157a884bc537a44228 https://www.zaproxy.org/docs/desktop/addons/selenium/ https://github.com/zaproxy/zap-extensions/ 2022-05-06 24911785 2.11.1 network >=0.2.0 sequence Sequence Gives the possibility of defining a sequence of requests to be scanned. ZAP Dev Team 6 sequence-alpha-6.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Issue 2000 - Updated strings shown in active scan dialog with title caps.</li> <li>Enable help button in Sequence tab of Active Scan dialog.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sequence-v6/sequence-alpha-6.zap SHA-256:2849204eab9ea1da50404ab9604e5ec69440c490453a24392c9a40bf95cdb164 https://www.zaproxy.org/docs/desktop/addons/sequence-scanner/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1556476 2.11.0 zest soap SOAP Support Imports and scans WSDL files containing SOAP endpoints. Alberto (albertov91) + ZAP Dev Team 13 soap-alpha-13.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Dependency updates.</li> <li>When the automation Job is edited via UI Dialog then the status will be set to Not started</li> </ul> <h3>Fixed</h3> <ul> <li>Do not report &quot;Unrecognised parameter&quot; for valid parameters.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/soap-v13/soap-alpha-13.zap SHA-256:bf24fb94dd9d604cca964e6b27d3a8df518a413758c4f7aacfeef41d513114aa https://www.zaproxy.org/docs/desktop/addons/soap-support/ https://github.com/zaproxy/zap-extensions/ 2022-02-01 13982769 2.11.1 commonlib >= 1.5.0 & < 2.0.0 spiderAjax Ajax Spider Allows you to spider sites that make heavy use of JavaScript using Crawljax ZAP Dev Team 23.7.0 spiderAjax-release-23.7.0.zap release <h3>Added</h3> <ul> <li>Automation authentication support</li> </ul> <h3>Changed</h3> <ul> <li>Dependency updates.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/spiderAjax-v23.7.0/spiderAjax-release-23.7.0.zap SHA-256:6e1b8c60a98efcb301f7d852ae108bc92cdda18a6a4d3c6ef8861f095e182931 https://www.zaproxy.org/docs/desktop/addons/ajax-spider/ https://github.com/zaproxy/zap-extensions/ 2021-11-02 5810719 2.11.0 selenium 15.* sqliplugin Advanced SQLInjection Scanner An advanced active injection bundle for SQLi (derived by SQLMap) Andrea Pompili (Yhawke) 15 sqliplugin-beta-15.zap beta <h3>Fixed</h3> <ul> <li>Re-ordered variable initialization to prevent an NPE.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sqliplugin-v15/sqliplugin-beta-15.zap SHA-256:76e857bd2fea0b57b641862ea5bef46365ac1b03a19371c5e818a5401f7d9384 https://www.zaproxy.org/docs/desktop/addons/advanced-sqlinjection-scanner/ https://github.com/zaproxy/zap-extensions/ 2021-10-20 534349 2.11.0 commonlib >= 1.5.0 & < 2.0.0 sse Server-Sent Events Allows you to view Server-Sent Events (SSE) communication. ZAP Dev Team 10 sse-alpha-10.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Fixed</h3> <ul> <li>Terminology</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Adjust log levels to be less verbose.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sse-v10/sse-alpha-10.zap SHA-256:1adc14442cedd3336319e94c93659118998fee42ae340b4ba757f3e7af475853 https://www.zaproxy.org/docs/desktop/addons/server-sent-events/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 339239 2.11.0 svndigger SVN Digger Files SVN Digger files which can be used with ZAP forced browsing ZAP Dev Team 4 svndigger-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Promote to release status.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/svndigger-v4/svndigger-release-4.zap SHA-256:5556efdf3fdb84ebd6cf3e76ca31e3fb6fb57c002cf14b2cf2f05f67bf2b622a https://www.zaproxy.org/docs/desktop/addons/svn-digger-files/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 713963 2.11.0 tips Tips and Tricks Display ZAP Tips and Tricks ZAP Dev Team 9 tips-beta-9.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/tips-v9/tips-beta-9.zap SHA-256:dd65cd0a0f1621bd759bd92fb0a4bdba67cdf498fdaea2c40a333035aec9df97 https://www.zaproxy.org/docs/desktop/addons/tips-and-tricks/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 563979 2.11.0 tokengen Token Generation and Analysis Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection ZAP Dev Team 15 tokengen-beta-15.zap beta <h3>Changed</h3> <ul> <li>Now using 2.10 logging infrastructure (Log4j 2.x).</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/tokengen-v15/tokengen-beta-15.zap SHA-256:daef1d13d44a76b8735a30ed9e1e50fa87a85d02728bd7ae575197d173f942f9 https://www.zaproxy.org/docs/desktop/addons/token-generator/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 525206 2.11.0 treetools TreeTools Tools to add functionality to the tree view. Carl Sampson 8 treetools-beta-8.zap beta <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/treetools-v8/treetools-beta-8.zap SHA-256:b7f61f8939937ebc120bce8deb72713d7676087056e88801df2573112e7642e4 https://www.zaproxy.org/docs/desktop/addons/treetools/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 128931 2.11.0 viewstate ViewState ASP/JSF ViewState Decoder and Editor Calum Hutton 3 viewstate-alpha-3.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/viewstate-v3/viewstate-alpha-3.zap SHA-256:715caefd591415e79b32195361fea82aa8c6357b24e69530c22fde0a1b6dad17 https://www.zaproxy.org/docs/desktop/addons/viewstate/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 148716 2.11.0 wappalyzer Wappalyzer - Technology Detection Technology detection using Wappalyzer: wappalyzer.com ZAP Dev Team 21.11.0 wappalyzer-release-21.11.0.zap release <p>###Changed</p> <ul> <li>Updated with upstream Wappalyzer icon and pattern changes.</li> <li>Update Wappalyzer URL in help documentation.</li> </ul> <h3>Fixed</h3> <ul> <li>Threading issue - only reproducible with currently unreleased core changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/wappalyzer-v21.11.0/wappalyzer-release-21.11.0.zap SHA-256:6eef45d6603a9d01e2cfae66f5c292255b38562f8b8f70437222c08ad76e56b5 https://www.zaproxy.org/docs/desktop/addons/technology-detection/ https://github.com/zaproxy/zap-extensions/ 2022-06-03 15807241 2.11.1 commonlib >= 1.7.0 & < 2.0.0 webdriverlinux Linux WebDrivers Linux WebDrivers for Firefox and Chrome. ZAP Dev Team 40 webdriverlinux-release-40.zap release <h3>Changed</h3> <ul> <li>Update ChromeDriver to 103.0.5060.53.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdriverlinux-v40/webdriverlinux-release-40.zap SHA-256:2fe0e63184d625569537b279695794c99d85ecf400e1e87d098b93db5a74fad3 https://www.zaproxy.org/docs/desktop/addons/linux-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2022-06-23 12763973 2.11.1 webdrivermacos MacOS WebDrivers MacOS WebDrivers for Firefox and Chrome. ZAP Dev Team 41 webdrivermacos-release-41.zap release <h3>Changed</h3> <ul> <li>Update ChromeDriver to 103.0.5060.53.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdrivermacos-v41/webdrivermacos-release-41.zap SHA-256:239264131232e49e3b35c34f160eee61b8e68af736b145b29289c2c5eb055dff https://www.zaproxy.org/docs/desktop/addons/macos-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2022-06-23 19830335 2.11.1 webdriverwindows Windows WebDrivers Windows WebDrivers for Firefox and Chrome. ZAP Dev Team 40 webdriverwindows-release-40.zap release <h3>Changed</h3> <ul> <li>Update ChromeDriver to 103.0.5060.53.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdriverwindows-v40/webdriverwindows-release-40.zap SHA-256:eb0c92c88844ee03edafe25c9dd889a68be08770c0fbaa8dee7a803eaeafa77a https://www.zaproxy.org/docs/desktop/addons/windows-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2022-06-23 9449320 2.11.1 websocket WebSockets Allows you to inspect WebSocket communication. ZAP Dev Team 26 websocket-release-26.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Cache WebSocket Passive Rules scripts for better performance with all script engines.</li> </ul> <h3>Fixed</h3> <ul> <li>Handle errors caused by WebSocket Passive Rules scripts, which would break the passive scan.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/websocket-v26/websocket-release-26.zap SHA-256:965a94bf9486b15eed5ad0dde9d681a2c121282bed73da62df2a6916acd0a1aa https://www.zaproxy.org/docs/desktop/addons/websockets/ https://github.com/zaproxy/zap-extensions/ 2022-05-20 1413083 2.11.1 zest Zest - Graphical Security Scripting Language A graphical security scripting language, ZAPs macro language on steroids ZAP Dev Team 35 zest-beta-35.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/zest-v35/zest-beta-35.zap SHA-256:bbada2c5f2e07f9a8fc933eddb4d3f8bc33293c2b55c8489e3d81c42118f6667 https://www.zaproxy.org/docs/desktop/addons/zest/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 13570172 2.11.0 scripts selenium 15.*