2.11.1
D-2021-10-18
https://github.com/zaproxy/zaproxy/releases/download/w2021-10-18/ZAP_WEEKLY_D-2021-10-18.zip
ZAP_WEEKLY_D-2021-10-18.zip
SHA-256:9d4bcb12e47293f3cbc4c32285b8469e620f092bb2519e65e12e5e528a25a8ad
188556676
https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2_11_1_windows-x32.exe
ZAP_2_11_1_windows-x32.exe
SHA-256:4f753278b374d292a0c1c8fbabc60153acf3bd7c9ce8fb1930a5d68fdfad6638
192166400
https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2_11_1_windows.exe
ZAP_2_11_1_windows.exe
SHA-256:0c86af10453b2444e70706f259a5878586f536fc57f14b85b41dd47fdbc45922
192259072
https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2.11.1_Linux.tar.gz
ZAP_2.11.1_Linux.tar.gz
SHA-256:5f83666e5863f4f94eac583942f1c4e15f9cc7b7307d05bc6ce6545265c6382c
194801121
https://github.com/zaproxy/zaproxy/releases/download/v2.11.1/ZAP_2.11.1.dmg
ZAP_2.11.1.dmg
SHA-256:e0129757db1a0b9770e3c6d7fbdba63bfe893bdfd476eae45a12bbd1e5b8f2e6
222978300
Bug fix and enhancement release.
https://www.zaproxy.org/docs/desktop/releases/2.11.1/
accessControl
Access Control Testing
Adds a set of tools for testing access control in web applications.
ZAP Dev Team
7
accessControl-alpha-7.zap
alpha
<h3>Changed</h3>
<ul>
<li>Don't set the font color for inherited entries (Issue 6397).</li>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes (some changes impact the visibility of variables and add getters/setters, which may impact third party add-ons or scripts).</li>
<li>Change to no longer rely on core report classes, which are going to be deleted.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/accessControl-v7/accessControl-alpha-7.zap
SHA-256:5bfa0e14cf227bc402c58bd35c19c474b781e519585f3d62c2b174e8c6ac55a0
https://www.zaproxy.org/docs/desktop/addons/access-control-testing/
https://github.com/zaproxy/zap-extensions/
2021-10-07
591286
2.11.0
alertFilters
Alert Filters
Allows you to automate the changing of alert risk levels.
ZAP Dev Team
13
alertFilters-release-13.zap
release
<h3>Added</h3>
<ul>
<li>Stats for alerts changed</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Dialogs being shown under the owning dialog / frame.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/alertFilters-v13/alertFilters-release-13.zap
SHA-256:71ecbe94847cf1ade03ed81d57831d806317b65c72d468521fb43f280dd710a9
https://www.zaproxy.org/docs/desktop/addons/alert-filters/
https://github.com/zaproxy/zap-extensions/
2021-10-06
523886
2.11.0
allinonenotes
All In One Notes
A simple extension to view all notes in one pane.
David Vassallo
2
allinonenotes-alpha-2.zap
alpha
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Update link to repository.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/allinonenotes-v2/allinonenotes-alpha-2.zap
SHA-256:9e70d6e76b72692e9c0cb64002a692b710710e688ea2d8834818086300632d2a
https://www.zaproxy.org/docs/desktop/addons/all-in-one-notes/
https://github.com/zaproxy/zap-extensions/
2021-10-07
249532
2.11.0
amf
AMF Support
Adds support for AMF messages
ZAP Dev Team
3
amf-alpha-3.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/amf-v3/amf-alpha-3.zap
SHA-256:01345ea00a6623d794753a3210f4e3e2b50a8c4ce2bfa6ea57324f0ff01ad7e3
https://www.zaproxy.org/docs/desktop/addons/amf-support/
https://github.com/zaproxy/zap-extensions/
2021-10-07
911943
2.11.0
ascanrules
Active scanner rules
The release status Active Scanner rules
ZAP Dev Team
46
ascanrules-release-46.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix Cross Site Scripting (Reflected) scan rule false negatives introduced in previous version.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/ascanrules-v46/ascanrules-release-46.zap
SHA-256:8bc56103b0f67966f2ccfc2d9fdb3cffe42fa1a504f1d24d2d39c85f8b5aa4eb
https://www.zaproxy.org/docs/desktop/addons/active-scan-rules/
https://github.com/zaproxy/zap-extensions/
2022-03-21
2499205
2.11.1
commonlib
>= 1.9.0 & < 2.0.0
ascanrulesAlpha
Active scanner rules (alpha)
The alpha status Active Scanner rules
ZAP Dev Team
38
ascanrulesAlpha-alpha-38.zap
alpha
<h3>Added</h3>
<ul>
<li>Scan rules for Server Side Template Injection (<a href="https://github.com/zaproxy/zaproxy/issues/2332">Issue 2332</a>).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesAlpha-v38/ascanrulesAlpha-alpha-38.zap
SHA-256:6f394b74c7a4b925c472029302fa7f5513036198bcccdc0efcf93695abc6502c
https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-alpha/
https://github.com/zaproxy/zap-extensions/
2022-04-08
576912
2.11.1
commonlib
>= 1.9.0 & < 2.0.0
oast
>= 0.7.0
ascanrulesBeta
Active scanner rules (beta)
The beta status Active Scanner rules
ZAP Dev Team
41
ascanrulesBeta-beta-41.zap
beta
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Adding more checks to Hidden File Finder scan rule.</li>
<li>The Cloud Metadata scan rule will now be attempted with additional payloads (using DNS not just IPs), and supporting Alibaba.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>False Positive in XSLT Injection where "Microsoft-Azure-Application-Gateway" can be returned in a 403 if the gateway detects an attack.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesBeta-v41/ascanrulesBeta-beta-41.zap
SHA-256:703ba1d171a68a5dcdc3acb84d7f800dcc8a8a8282ab2cea362585e618b933a4
https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-beta/
https://github.com/zaproxy/zap-extensions/
2022-06-08
2079924
2.11.1
commonlib
>= 1.7.0 & < 2.0.0
network
>= 0.1.0
oast
>= 0.7.0
attacksurfacedetector
Attack Surface Detector
The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing.
Secure Decisions (Matthew DeLetto)
1.1.4
attacksurfacedetector-alpha-1.1.4.zap
alpha
Various incremental changes (see https://github.com/secdec/attack-surface-detector-zap/releases)<br>
Fix un-handled exception when target unavailable & address various "house keeping" tasks.<br>
https://github.com/zaproxy/zap-extensions/releases/download/2.7/attacksurfacedetector-alpha-1.1.4.zap
SHA1:e21758c2cdcbc7806f44cc986a88360457eff82e
https://github.com/secdec/attack-surface-detector-zap/wiki
https://github.com/secdec/attack-surface-detector-zap/
2019-03-07
15604948
2.7.0
authstats
Authentication Statistics
Records logged in/out statistics for all contexts in scope.
ZAP Dev Team
2
authstats-alpha-2.zap
alpha
<h3>Added</h3>
<ul>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Dynamically unload the add-on.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/authstats-v2/authstats-alpha-2.zap
SHA-256:cfb604c27f3a7a58e7b5aa55fe9f19a9ce5561fab3ef7d3f6c72845671fb5dcf
https://www.zaproxy.org/docs/desktop/addons/authentication-statistics/
https://github.com/zaproxy/zap-extensions/
2021-10-07
247499
2.11.0
automation
Automation Framework
Automation Framework.
ZAP Dev Team
0.16.0
automation-beta-0.16.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Show each context URL in its own line when editing in the GUI (Issue 7241).</li>
<li>Correct error messages.</li>
<li>Wrong API end point reference in help</li>
<li>Fix exception when alerts found during active scan no longer exist when creating the data for the report.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/automation-v0.16.0/automation-beta-0.16.0.zap
SHA-256:23435dffc7676da929986495dc423289a109918c5b8a379d5f10a0c5e033c828
https://www.zaproxy.org/docs/desktop/addons/automation-framework/
https://github.com/zaproxy/zap-extensions/
2022-06-22
4183964
2.11.1
beanshell
BeanShell Console
Provides a BeanShell Console
ZAP Dev Team
7
beanshell-beta-7.zap
beta
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
<li>Improve permissions and space handling when saving.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/beanshell-v7/beanshell-beta-7.zap
SHA-256:0a83cb7d0369ccef50768ccbda1e6c6d82b9f4e3bd9372b38fd32cc21f6a30fb
https://www.zaproxy.org/docs/desktop/addons/bean-shell/
https://github.com/zaproxy/zap-extensions/
2021-10-07
577838
2.11.0
browserView
Browser View
Adds an option to render HTML responses like a browser
ZAP Dev Team
5
browserView-alpha-5.zap
alpha
Allow to properly scroll the rendered page.
https://github.com/zaproxy/zap-extensions/releases/download/2.7/browserView-alpha-5.zap
SHA1:0aaf81863ad1011136416b49a05eba3d8b262a02
https://www.zaproxy.org/docs/desktop/addons/browser-view/
https://github.com/zaproxy/zap-extensions/
2017-11-28
193880
2.4.0
bruteforce
Forced Browse
Forced browsing of files and directories using code from the OWASP DirBuster tool
ZAP Dev Team
11
bruteforce-beta-11.zap
beta
<h3>Changed</h3>
<ul>
<li>Send HTTP messages with ZAP, making use of all its features (e.g. user authentication, custom user-agent, HTTP Sender scripts) (Issues 173 and 3060).</li>
<li>Now using 2.10 logging infrastructure (Log4j 2.x).</li>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/bruteforce-v11/bruteforce-beta-11.zap
SHA-256:b0713b47c7e16a33d46002382b83ebcdd18bfdf852bf021574378dde49f347fc
https://www.zaproxy.org/docs/desktop/addons/forced-browse/
https://github.com/zaproxy/zap-extensions/
2021-10-06
548895
2.11.0
bugtracker
Bug Tracker
Bug Tracker extension.
ZAP Dev Team
3
bugtracker-alpha-3.zap
alpha
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
<li>Remove broken link from the user guide.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Show correct help page for the options panel.</li>
<li>Remove the options panels when the add-on is uninstalled.</li>
</ul>
<h3>Removed</h3>
<ul>
<li>Remove unused resource message.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/bugtracker-v3/bugtracker-alpha-3.zap
SHA-256:fe11b8ee2c39e374a578b064250563d28901fc3a7d3c4cacaefd69336c6f78a3
https://www.zaproxy.org/docs/desktop/addons/bug-tracker/
https://github.com/zaproxy/zap-extensions/
2021-10-07
3427588
2.11.0
callgraph
Call Graph
Allows the user to view a call graph of the selected resources
Colm O'Flaherty
5
callgraph-alpha-5.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/callgraph-v5/callgraph-alpha-5.zap
SHA-256:0874ce5aad0c4bbf28f72627a4940759d328396e12b7d6a5596f2e41bf24dc4e
https://www.zaproxy.org/docs/desktop/addons/call-graph/
https://github.com/zaproxy/zap-extensions/
2021-10-07
925930
2.11.0
callhome
Call Home
Handles all of the calls to ZAP services.
ZAP Dev Team
0.3.0
callhome-alpha-0.3.0.zap
alpha
<h3>Added</h3>
<ul>
<li>More stats, in preparation for them being added to the respective add-ons</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Bugs sending telemetry on shutdown</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/callhome-v0.3.0/callhome-alpha-0.3.0.zap
SHA-256:a92078ec3bdf5309ea3688e477789c5f5e82bfc0a503e6e40bc7d0bd8dcd79a6
https://www.zaproxy.org/docs/desktop/addons/call-home/
https://github.com/zaproxy/zap-extensions/
2022-01-21
317537
2.11.1
codedx
Code Dx Extension
Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server
Code Dx, Inc.
9
codedx-alpha-9.zap
alpha
<h3>Added</h3>
<ul>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Change info URL to link to the site.</li>
<li>Maintenance changes.</li>
<li>Change to no longer rely on core report classes, which are going to be deleted.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/codedx-v9/codedx-alpha-9.zap
SHA-256:767e0a098de281f0bc880b036a5192f26fe0bb014b81227b385a0b63ca570428
https://www.zaproxy.org/docs/desktop/addons/code-dx/
https://github.com/zaproxy/zap-extensions/
2021-10-07
1769797
2.11.0
commonlib
Common Library
A common library, for use by other add-ons.
ZAP Dev Team
1.9.0
commonlib-release-1.9.0.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/commonlib-v1.9.0/commonlib-release-1.9.0.zap
SHA-256:a269dda47b5c28e1abf9054c0b01c767b6f307a989e30520f8992c9d580e101d
https://github.com/zaproxy/zap-extensions/
2022-03-21
4077357
2.11.1
communityScripts
Community Scripts
Useful ZAP scripts written by the ZAP community.
ZAP Community
14
communityScripts-alpha-14.zap
alpha
<h3>Added</h3>
<ul>
<li>variant/CompoundCookies.js - An input vector script that handles splitting of compound cookies (Issue 6582).</li>
<li>active/corsair.py > An active scan script to check for CORS related issues.)</li>
<li>payloadgenerator/securerandom.js > A fuzzer payload generator script that uses Java's SecureRandom as it's source (related to issue 6892).</li>
<li>active/bxss.py > an active scan script for inject blind xss payloads to the parameters</li>
</ul>
https://github.com/zaproxy/community-scripts/releases/download/v14/communityScripts-alpha-14.zap
SHA-256:4bf08142cee557697c6d4d353318433590230e6b701f67c5bcdcd8b5ed38dbd4
https://www.zaproxy.org/docs/desktop/addons/community-scripts/
https://github.com/zaproxy/community-scripts/
2021-11-01
447827
2.11.0
coreLang
Core Language Files
Translations of the core language files
ZAP Dev Team
15
coreLang-release-15.zap
release
<h3>Changed</h3>
<ul>
<li>Update the languages files from Crowdin.</li>
<li>Update minimum ZAP version to 2.11.1.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/coreLang-v15/coreLang-release-15.zap
SHA-256:d8258b914ffc95820dd045acf56677668a8cbbfc759290f72e30210056dfb88c
https://crowdin.com/project/owasp-zap
https://github.com/zaproxy/zap-extensions/
2022-02-14
4616009
2.11.1
custompayloads
Custom Payloads
Ability to add, edit or remove payloads that are used i.e. by active scanners
ZAP Dev Team
0.11.0
custompayloads-alpha-0.11.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/custompayloads-v0.11.0/custompayloads-alpha-0.11.0.zap
SHA-256:84d01dbfe0739ee70acd8286916e0106595ceb550e7793925ce48a2db6477383
https://www.zaproxy.org/docs/desktop/addons/custom-payloads/
https://github.com/zaproxy/zap-extensions/
2021-10-07
234832
2.11.0
diff
Diff
Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch
ZAP Dev Team
11
diff-beta-11.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
<li>Updated menu items to use title caps (Issue 2000).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/diff-v11/diff-beta-11.zap
SHA-256:a3ae6f59d98e28112f4a5e2616bfaca48823af746affa1729f32eaa1d7398aaa
https://www.zaproxy.org/docs/desktop/addons/diff/
https://github.com/zaproxy/zap-extensions/
2021-10-06
282304
2.11.0
directorylistv1
Directory List v1.0
List of directory names to be used with Forced Browse or Fuzzer add-on.
ZAP Dev Team
5
directorylistv1-release-5.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/directorylistv1-v5/directorylistv1-release-5.zap
SHA-256:c1c0e14aac2ce203bdfd3a038f9b9dcf0b498f404936c3ff96e5a4614f611b9f
https://www.zaproxy.org/docs/desktop/addons/directory-list-v1.0/
https://github.com/zaproxy/zap-extensions/
2021-10-06
960428
2.11.0
directorylistv2_3
Directory List v2.3
Lists of directory names to be used with Forced Browse or Fuzzer add-on.
ZAP Dev Team
4
directorylistv2_3-release-4.zap
release
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3-v4/directorylistv2_3-release-4.zap
SHA-256:3a8b04b9363b57acd9cf8cd67abce4c630f986e2b492a1ebd01eaa9587a0a199
https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3/
https://github.com/zaproxy/zap-extensions/
2021-10-07
8722229
2.11.0
directorylistv2_3_lc
Directory List v2.3 LC
Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on.
ZAP Dev Team
4
directorylistv2_3_lc-release-4.zap
release
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3_lc-v4/directorylistv2_3_lc-release-4.zap
SHA-256:2603580ba53673c31800ef7373e7cc09de759369b6f8fb43cc9e5024ad5d9af4
https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3-lc/
https://github.com/zaproxy/zap-extensions/
2021-10-07
7569974
2.11.0
domxss
DOM XSS Active scanner rule
DOM XSS Active scanner rule
Aabha Biyani, ZAP Dev Team
12
domxss-beta-12.zap
beta
<h3>Changed</h3>
<ul>
<li>Dependency updates.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Functionality for example alert handling in order to assist in documentation efforts.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/domxss-v12/domxss-beta-12.zap
SHA-256:0bc30e0b2dbbea1a926e030fa8af2a95be8e5140e4bc8b99e9588886c31cbdd6
https://www.zaproxy.org/docs/desktop/addons/dom-xss-active-scan-rule/
https://github.com/zaproxy/zap-extensions/
2021-12-06
268685
2.11.0
commonlib
>= 1.5.0 & < 2.0.0
selenium
15.*
encoder
Encoder
Adds encode/decode/hash dialog and support for scripted processors as well
ZAP Dev Team
0.6.0
encoder-beta-0.6.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
<h3>Removed</h3>
<ul>
<li>Groovy default template moved to Groovy add-on.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/encoder-v0.6.0/encoder-beta-0.6.0.zap
SHA-256:1615f183c89245b187b729a3e33ccc16dd43a39fa3fb0b0b94f719b649930eb4
https://www.zaproxy.org/docs/desktop/addons/encode-decode-hash/
https://github.com/zaproxy/zap-extensions/
2021-10-06
388487
2.11.0
evalvillain
Eval Villain
Adds the Eval Villain extension to Firefox when launched from ZAP.
Dennis Goodlett and the ZAP Dev Team
0.1.1
evalvillain-alpha-0.1.1.zap
alpha
<h3>Fixed</h3>
<ul>
<li>Fix the downloaded version of the Eval Villain Firefox extension.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/evalvillain-v0.1.1/evalvillain-alpha-0.1.1.zap
SHA-256:b0932f4f8fec19bf0dfae1dbe3668bbdadc6092707ea360216e37fdc8ae457cd
https://www.zaproxy.org/docs/desktop/addons/eval-villain/
https://github.com/zaproxy/zap-extensions/
2022-02-15
4943171
2.11.1
selenium
>=15.5.0
exim
Import/Export
Import and Export functionality
ZAP Dev Team & thatsn0tmysite
0.1.0
exim-beta-0.1.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Reduce logging and display a warning dialog when unable to read files being imported (Issue 7081).</li>
<li>Promoted to Beta.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Importing a file of URLs or HAR is now displayed in the progress panel provided via commonlib.</li>
<li>Automation Framework (Issue 7078).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/exim-v0.1.0/exim-beta-0.1.0.zap
SHA-256:e7ed40e073b7bf355d2eabe55641651e63f73770e485d1586d7c423827a181b0
https://www.zaproxy.org/docs/desktop/addons/import-export/
https://github.com/zaproxy/zap-extensions/
2022-03-07
356202
2.11.1
commonlib
>= 1.8.0 & < 2.0.0
fileupload
FileUpload
Detect File upload requests and scan them to find related vulnerabilities
KSASAN preetkaran20@gmail.com
1.1.0
fileupload-alpha-1.1.0.zap
alpha
https://github.com/zaproxy/zap-extensions/releases/download/2.7/fileupload-alpha-1.1.0.zap
SHA-256:47f2d93c6a53c55983056af282ebef09e80d27c0980517a73347778ad9e47932
https://github.com/SasanLabs/owasp-zap-fileupload-addon/
2021-09-17
77520
2.11.0
formhandler
Form Handler
This Form Handler Add-on allows a user to define field names and values to be used in a form's fields. Fields can be added, modified, enabled, and deleted for use in form fields.
ZAP Dev Team
4
formhandler-beta-4.zap
beta
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/formhandler-v4/formhandler-beta-4.zap
SHA-256:d59d0d438d70cbc66e5785b756c6575ffa58c49e58e5585e31d6ddc45fc7d1c3
https://www.zaproxy.org/docs/desktop/addons/form-handler/
https://github.com/zaproxy/zap-extensions/
2021-10-06
2199004
2.11.0
fuzz
Fuzzer
Advanced fuzzer for manual testing
ZAP Dev Team
13.6.0
fuzz-beta-13.6.0.zap
beta
<h3>Added</h3>
<ul>
<li>An option to edit the selected message - note this will clear any defined fuzz locations</li>
<li>Fuzzer statistics</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/fuzz-v13.6.0/fuzz-beta-13.6.0.zap
SHA-256:3944f5c80a5679db9e749d93c88c6c6458c097cf44e8804408ec6bead25b618f
https://www.zaproxy.org/docs/desktop/addons/fuzzer/
https://github.com/zaproxy/zap-extensions/
2022-01-14
1980132
2.11.1
fuzzdb
FuzzDB Files
FuzzDB files which can be used with the ZAP fuzzer
ZAP Dev Team
8
fuzzdb-release-8.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Terminology</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/fuzzdb-v8/fuzzdb-release-8.zap
SHA-256:0b65cee3aa65e5dc11cbb83ed5d13ba1dcb330278fb2f8cc7d6957680b1e17c6
https://www.zaproxy.org/docs/desktop/addons/fuzzdb-files/
https://github.com/zaproxy/zap-extensions/
2021-10-07
6167276
2.11.0
fuzzdboffensive
FuzzDB Offensive
FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing
ZAP Dev Team
4
fuzzdboffensive-release-4.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.10.0.</li>
</ul>
https://github.com/zaproxy/fuzzdb-offensive/releases/download/v4/fuzzdboffensive-release-4.zap
SHA-256:06bf75d2745c8f6e9a861597a31bab2d3f96058a3c497539a3ba234c687e796a
https://www.zaproxy.org/docs/desktop/addons/fuzzdb-offensive/
https://github.com/zaproxy/fuzzdb-offensive/
2021-06-11
414373
2.10.0
gettingStarted
Getting Started with ZAP Guide
A short Getting Started with ZAP Guide
ZAP Dev Team
13
gettingStarted-release-13.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Updated for 2.11.0</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/gettingStarted-v13/gettingStarted-release-13.zap
SHA-256:3eea769ec19f28c2ac7e924f5c77dbd1c3c59f40f409a1fcd3bf97cebdfd36ad
https://www.zaproxy.org/docs/desktop/addons/getting-started-guide/
https://github.com/zaproxy/zap-extensions/
2021-10-06
707048
2.11.0
graaljs
GraalVM JavaScript
Provides the GraalVM JavaScript engine for ZAP scripting.
ZAP Dev Team
0.2.0
graaljs-alpha-0.2.0.zap
alpha
<h3>Added</h3>
<ul>
<li>encode-decode Default and rot13 templates.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Update links to zaproxy repo.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/graaljs-v0.2.0/graaljs-alpha-0.2.0.zap
SHA-256:6201ffc802a1d4922a4f2b5ea38f58a7332a5638e3719f4796efba375aa15045
https://github.com/zaproxy/zap-extensions/
2021-10-06
20440785
2.11.0
graphql
GraphQL Support
Inspect and attack GraphQL endpoints.
ZAP Dev Team
0.9.0
graphql-alpha-0.9.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Replace variables present in <code>schemaFile</code> when running the automation job.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/graphql-v0.9.0/graphql-alpha-0.9.0.zap
SHA-256:62a7c426bc7659e4ed47fa4180549946d7c8a0a49f39c6c88acc7f6c8afd4306
https://www.zaproxy.org/docs/desktop/addons/graphql-support/
https://github.com/zaproxy/zap-extensions/
2022-04-05
22089194
2.11.1
groovy
Groovy Support
Adds Groovy support to ZAP
ZAP Dev Team
3.1.0
groovy-beta-3.1.0.zap
beta
<h3>Added</h3>
<ul>
<li>encode-decode default template.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update links to zaproxy and zap-extensions repos.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/groovy-v3.1.0/groovy-beta-3.1.0.zap
SHA-256:ee208309c6b9619f6527a05f48949e38e1476f2b3fa7c6e32fbd1111f4bdac58
https://www.zaproxy.org/docs/desktop/addons/groovy-support/
https://github.com/zaproxy/zap-extensions/
2021-10-07
19006812
2.11.0
help
Help - English
English version of the ZAP help file.
ZAP Crowdin Team
14
help-release-14.zap
release
<h3>Changed</h3>
<ul>
<li>Updated 2.11.1 release notes.</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help-v14/help-release-14.zap
SHA-256:b9a0927ce7a80df42b28b40beafad0ecfa34e45d628b302cf93e0bc825d93ee8
https://www.zaproxy.org/docs/desktop/
https://github.com/zaproxy/zap-core-help/
2021-12-10
875420
2.10.0
help_ar_SA
Help - Arabic
Arabic version of the ZAP help file.
ZAP Crowdin Team
1
help_ar_SA-alpha-1.zap
alpha
<ul>
<li>First version.</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ar_SA-v1/help_ar_SA-alpha-1.zap
SHA-256:8208b0c788d5e29a2bb34f3c44c07db613faefb17d8d9cfb60adc02629c2b3f1
https://github.com/zaproxy/zap-core-help/
2022-01-18
649333
2.11.0
help_bs_BA
Help - Bosnian
Bosnian version of the ZAP help file.
ZAP Crowdin Team
9
help_bs_BA-alpha-9.zap
alpha
Updated with the latest files from crowdin
https://github.com/zaproxy/zap-extensions/releases/download/2.7/help_bs_BA-alpha-9.zap
SHA1:d33a3277e877da4734e6bf9c911c61c4e6ce2f3f
2018-02-08
747536
2.7.0
help_es_ES
Help - Spanish
Spanish version of the ZAP help file.
ZAP Crowdin Team
10
help_es_ES-release-10.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_es_ES-v10/help_es_ES-release-10.zap
SHA-256:63cc24e180374cf038d6aefe31b3f62e170437958ad61d2d3e65d2722fbedc1a
https://github.com/zaproxy/zap-core-help/
2022-01-18
697066
2.11.0
help_fil_PH
Help - Filipino
Filipino version of the ZAP help file.
ZAP Crowdin Team
3
help_fil_PH-alpha-3.zap
alpha
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_fil_PH-v3/help_fil_PH-alpha-3.zap
SHA-256:64bbeb0f9404b70c0d49e9fd5da789b8d3902a20f518c7305eb412242831a180
https://github.com/zaproxy/zap-core-help/
2022-01-18
710027
2.11.0
help_fr_FR
Help - French
French version of the ZAP help file.
ZAP Crowdin Team
10
help_fr_FR-alpha-10.zap
alpha
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_fr_FR-v10/help_fr_FR-alpha-10.zap
SHA-256:f1ede9441e5de48170fdef598eb543ef6ad0813eed2e838d2c4803ea114fcb1a
https://github.com/zaproxy/zap-core-help/
2022-01-18
646717
2.11.0
help_id_ID
Help - Indonesian
Indonesian version of the ZAP help file.
ZAP Crowdin Team
3
help_id_ID-beta-3.zap
beta
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_id_ID-v3/help_id_ID-beta-3.zap
SHA-256:ef50363872d783c3c49417bc821b28256cf35d8390004c48f6d4e030ceb8a7c5
https://github.com/zaproxy/zap-core-help/
2022-01-18
671009
2.11.0
help_ja_JP
Help - Japanese
Japanese version of the ZAP help file.
ZAP Crowdin Team
10
help_ja_JP-beta-10.zap
beta
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ja_JP-v10/help_ja_JP-beta-10.zap
SHA-256:11d310352e8719fe50587c5b97dd5eeb3a2e2ab23e450a7c1d0fad013d003536
https://github.com/zaproxy/zap-core-help/
2022-01-18
661964
2.11.0
help_ms_MY
Help - Malay
Malay version of the ZAP help file.
ZAP Crowdin Team
1
help_ms_MY-alpha-1.zap
alpha
<ul>
<li>First version.</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ms_MY-v1/help_ms_MY-alpha-1.zap
SHA-256:6407990b8ebaa2e401c3addc47081c742ab7fce25cec107ef49b4e627ad3ceae
https://github.com/zaproxy/zap-core-help/
2022-01-18
636908
2.11.0
help_pt_BR
Help - Portuguese, Brazilian
Portuguese, Brazilian version of the ZAP help file.
ZAP Crowdin Team
11
help_pt_BR-release-11.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_pt_BR-v11/help_pt_BR-release-11.zap
SHA-256:3fdf92763c1c851848df6b3588c97bbeb22837002351fd00c8208d8ab01ff710
https://github.com/zaproxy/zap-core-help/
2022-01-18
682092
2.11.0
help_ru_RU
Help - Russian
Russian version of the ZAP help file.
ZAP Crowdin Team
2
help_ru_RU-release-2.zap
release
<h3>Changed</h3>
<ul>
<li>Promote to Release</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_ru_RU-v2/help_ru_RU-release-2.zap
SHA-256:3fd5d8e6af7453a3a16e7c38a19ec941a330d0fd050f562ecebdc4638ae52c80
https://github.com/zaproxy/zap-core-help/
2022-02-24
779171
2.11.0
help_tr_TR
Help - Turkish
Turkish version of the ZAP help file.
ZAP Crowdin Team
2
help_tr_TR-release-2.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_tr_TR-v2/help_tr_TR-release-2.zap
SHA-256:a92b43beab5e196341d8ddf40d594f1596c225c74f0f5b9280e223acc9a8535c
https://github.com/zaproxy/zap-core-help/
2022-01-18
710766
2.11.0
help_zh_CN
Help - Chinese Simplified
Chinese Simplified version of the ZAP help file.
ZAP Crowdin Team
3
help_zh_CN-beta-3.zap
beta
<h3>Changed</h3>
<ul>
<li>Updated with the latest files from crowdin</li>
</ul>
https://github.com/zaproxy/zap-core-help/releases/download/help_zh_CN-v3/help_zh_CN-beta-3.zap
SHA-256:959b718a307ca32c7807c0d327533765eeb6a0a799b9bc98a2a1e22b3b47bc5a
https://github.com/zaproxy/zap-core-help/
2022-01-18
656718
2.11.0
highlighter
Highlighter
Allows you to highlight strings in the request and response tabs.
ZAP Dev Team
8
highlighter-alpha-8.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/highlighter-v8/highlighter-alpha-8.zap
SHA-256:4c4852bb2f42eb20dbe19a091e9025667947c73967a65770658333bedd01fccf
https://www.zaproxy.org/docs/desktop/addons/highlighter/
https://github.com/zaproxy/zap-extensions/
2021-10-07
115527
2.11.0
hud
HUD - Heads Up Display
Display information from ZAP in browser.
ZAP Dev Team
0.13.0
hud-beta-0.13.0.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Clarify resend tutorial instructions. <a href="https://github.com/zaproxy/zap-hud/issues/861">#861</a></li>
<li>Update dependencies.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix typo in tutorial.</li>
<li>Added initial accessibility fixes for modals and tabs</li>
</ul>
https://github.com/zaproxy/zap-hud/releases/download/v0.13.0/hud-beta-0.13.0.zap
SHA-256:06bdf1f9ef0c7f1f55cdd1d5eb9c9ba1a53903b8a3a26224c941d7bb9f18c8ef
https://www.zaproxy.org/docs/desktop/addons/hud/
https://github.com/zaproxy/zap-hud/
2021-10-06
1380404
2.11.0
websocket
imagelocationscanner
Image Location and Privacy Scanner
Image Location and Privacy Passive Scanner
Jay Ball (veggiespam) and the ZAP Dev Team
3
imagelocationscanner-beta-3.zap
beta
<h3>Added</h3>
<ul>
<li>OWASP Top Ten 2021/2017 mappings.</li>
<li>Example alert to support documentation efforts.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update link to repository.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/imagelocationscanner-v3/imagelocationscanner-beta-3.zap
SHA-256:0bcf856acad95336f03a72fded0775470fcfdc5d82af2a2ddfb3c6fad03b04e1
https://www.zaproxy.org/docs/desktop/addons/image-location-and-privacy-scanner/
https://github.com/zaproxy/zap-extensions/
2021-10-07
1135956
2.11.0
commonlib
>= 1.5.0 & < 2.0.0
importLogFiles
Log File Importer
Allows you to import log files from ModSecurity and files previously exported from ZAP
Joseph Kirwin, ZAP Dev Team
6
importLogFiles-alpha-6.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/importLogFiles-v6/importLogFiles-alpha-6.zap
SHA-256:8e9383c3c8f13abbb98e4726cff2d0843e350e9214dd89c74778a46d679711a2
https://www.zaproxy.org/docs/desktop/addons/log-file-importer/
https://github.com/zaproxy/zap-extensions/
2021-12-22
156767
2.11.1
exim
importurls
Import files containing URLs
Adds an option to import a file of URLs. The file must be plain text with one URL per line.
ZAP Dev Team
9
importurls-beta-9.zap
beta
<h3>Retired</h3>
<ul>
<li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/importurls-v9/importurls-beta-9.zap
SHA-256:1dd3602a9fa88ff2834643556226fd2129561abf217d8b4ac0d7281e55be06ee
https://www.zaproxy.org/docs/desktop/addons/import-urls/
https://github.com/zaproxy/zap-extensions/
2021-12-22
231139
2.11.1
exim
invoke
Invoke Applications
Invoke external applications passing context related information such as URLs and parameters
ZAP Dev Team
11
invoke-beta-11.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/invoke-v11/invoke-beta-11.zap
SHA-256:088ed335a7dbe1ad1569fc249e1a395f1957e39598c6d4d648cdc49780cb71fc
https://www.zaproxy.org/docs/desktop/addons/invoke-applications/
https://github.com/zaproxy/zap-extensions/
2021-10-06
322829
2.11.0
jruby
Ruby Scripting
Allows Ruby to be used for ZAP scripting - templates included
ZAP Dev Team
8
jruby-beta-8.zap
beta
<h3>Changed</h3>
<ul>
<li>Update links to zaproxy repo.</li>
<li>Rename reliability to confidence in active/passive templates.</li>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/jruby-v8/jruby-beta-8.zap
SHA-256:f5bb450a165f6c407b8d24f7b2776bdc7a2edb0b4b42aea385f8a6ad1ae605ca
https://www.zaproxy.org/docs/desktop/addons/ruby-scripting/
https://github.com/zaproxy/zap-extensions/
2021-10-07
21968128
2.11.0
jsonview
JSON View
Adds a view that shows JSON messages nicely formatted
Juha Kivekäs
2
jsonview-alpha-2.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add the main context menu to the JSON view.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Capitalize the view dropdown menu entry (related to Issue 2000).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/jsonview-v2/jsonview-alpha-2.zap
SHA-256:49fd8995eac7724e5a60f7b6d7f10cfb617f3f083b6f23406075631ba23c7ebc
https://www.zaproxy.org/docs/desktop/addons/json-view/
https://github.com/zaproxy/zap-extensions/
2021-10-07
119886
2.11.0
jwt
JWT Support
Detect JWT requests and scan them to find related vulnerabilities
KSASAN preetkaran20@gmail.com
1.0.2
jwt-alpha-1.0.2.zap
alpha
<ul>
<li>First version of JWT Support.
<ul>
<li>Contains scanning rules for basic JWT related vulnerabilities.</li>
<li>Contains JWT Fuzzer for fuzzing the JWT's present in the request.</li>
</ul>
</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/2.7/jwt-alpha-1.0.2.zap
SHA-256:f35af7bb3fbb88ae3da5ab0ac7a5c562463dfab521f3e54c7194b44358f793b3
https://github.com/SasanLabs/owasp-zap-jwt-addon/
2022-01-22
751195
2.11.1
commonlib
fuzz
13.*
jython
Python Scripting
Allows Python to be used for ZAP scripting - templates included
ZAP Dev Team
12
jython-beta-12.zap
beta
<h3>Added</h3>
<ul>
<li>encode-decode default and rot13 templates.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update links to zaproxy repo.</li>
<li>Rename reliability to confidence in active/passive templates.</li>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/jython-v12/jython-beta-12.zap
SHA-256:4519b862edf8f006c429c86b0152ade561b660ae6f74cfce684b272f4fe28ef1
https://www.zaproxy.org/docs/desktop/addons/python-scripting/
https://github.com/zaproxy/zap-extensions/
2021-10-07
43312397
2.11.0
kotlin
Kotlin Support
Allows Kotlin to be used for ZAP scripting
StackHawk Engineering
1.1.0
kotlin-alpha-1.1.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Use appropriate syntax style for highlighting of code.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/kotlin-v1.1.0/kotlin-alpha-1.1.0.zap
SHA-256:85a47ea7199b77cfb09081302c277de2ba5e2102ef79907573ebcfa6425302e9
https://www.zaproxy.org/docs/desktop/addons/kotlin-support/
https://github.com/zaproxy/zap-extensions/
2021-10-07
48865539
2.11.0
neonmarker
Neonmarker
Colors history table items based on tags
Juha Kivekäs, Kingthorin
1.4.0
neonmarker-alpha-1.4.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Add red/green icon to Enable/Disable toggle button.</li>
<li>Maintenance changes.</li>
<li>Now targeting ZAP 2.10.</li>
<li>Ensure added color mappings are unique (Issue 11). Only applies when mappings are added programmatically, a user can still define the same mapping multiple times via the GUI (hopefully they'll recognize the inefficiency of doing so).</li>
</ul>
https://github.com/kingthorin/neonmarker/releases/download/v1.4.0/neonmarker-alpha-1.4.0.zap
SHA-256:46947eea7130298c765bf089147fa54a9e1353a57a2033829aded3947a118d55
https://www.zaproxy.org/docs/desktop/addons/neonmarker/
https://github.com/kingthorin/neonmarker
2021-08-26
28259
2.10.0
network
Network
Provides core networking capabilities.
ZAP Dev Team
0.2.0
network-alpha-0.2.0.zap
alpha
<h3>Added</h3>
<ul>
<li>On weekly releases and versions after 2.11:
<ul>
<li>Management of local servers/proxies, supersedes core functionality;</li>
<li>Configuration of aliases for the servers/proxies (<a href="https://github.com/zaproxy/zaproxy/issues/3594">Issue 3594</a>);</li>
<li>Pass-through connections (<a href="https://github.com/zaproxy/zaproxy/issues/6832">Issue 6832</a>).</li>
</ul>
</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/network-v0.2.0/network-alpha-0.2.0.zap
SHA-256:9684a67a6bdf2d221f85fb86ff7cb3c1a4aefda4f7fda4a715f5dfa182fcbbd9
https://www.zaproxy.org/docs/desktop/addons/network/
https://github.com/zaproxy/zap-extensions/
2022-04-06
17892519
2.11.1
oast
OAST Support
Allows you to exploit out-of-band vulnerabilities
ZAP Dev Team
0.10.0
oast-alpha-0.10.0.zap
alpha
<h3>Added</h3>
<ul>
<li>The following two statistics for each OAST service:
<ul>
<li><code>stats.oast.<service>.payloadsGenerated</code></li>
<li><code>stats.oast.<service>.interactions</code></li>
</ul>
</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Use Network add-on to serve callback requests.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/oast-v0.10.0/oast-alpha-0.10.0.zap
SHA-256:b4b4b4defc01b14675ce1f4d6dadbfaa118ec06456162bb00a585735d9a95526
https://www.zaproxy.org/docs/desktop/addons/oast-support/
https://github.com/zaproxy/zap-extensions/
2022-02-18
773485
2.11.1
network
>= 0.1.0
onlineMenu
Online menus
ZAP Online menu items
ZAP Dev Team
9
onlineMenu-release-9.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/onlineMenu-v9/onlineMenu-release-9.zap
SHA-256:14d46e64178caf551462eb77478002ba08946ff639a1a52007527c41fd85bbee
https://www.zaproxy.org/docs/desktop/addons/online-menu/
https://github.com/zaproxy/zap-extensions/
2021-10-06
208120
2.11.0
openapi
OpenAPI Support
Imports and spiders OpenAPI definitions.
ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions
27
openapi-beta-27.zap
beta
<h3>Added</h3>
<ul>
<li>Support content field (JSON) in parameters (Issue 6166).</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Now depends on commonlib for display of import progress (Issue 6783).</li>
<li>Dependency updates.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Properly generate Content-Type header when in presence of more than one supported content (Issue 7082).</li>
<li>Quote provided string values in JSON content (Issue 7128).</li>
<li>Properly handle empty default values in server variables.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/openapi-v27/openapi-beta-27.zap
SHA-256:e96bd5791496cdc72951bd59869618a88932b50775a1c08b1371c6e12294d983
https://www.zaproxy.org/docs/desktop/addons/openapi-support/
https://github.com/zaproxy/zap-extensions/
2022-03-29
12169396
2.11.1
commonlib
>= 1.8.0 & < 2.0.0
packpentester
Collection: Pentester Pack
A collection of add-ons ideal for pentesters
ZAP Dev Team
0.1.0
packpentester-alpha-0.1.0.zap
alpha
<h3>Fixed</h3>
<ul>
<li>Corrected fuzz add-on name</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/packpentester-v0.1.0/packpentester-alpha-0.1.0.zap
SHA-256:0b8e7e4ddffdcacf46fdf9793bf84217738e281cbd5ccac732788c4b768d069c
https://www.zaproxy.org/docs/desktop/addons/collection-pentester-pack/
https://github.com/zaproxy/zap-extensions/
2022-05-12
6792
2.11.1
accessControl
attacksurfacedetector
custompayloads
evalvillain
fileupload
fuzz
fuzzdb
jsonview
jwt
requester
viewstate
wappalyzer
packscanrules
Collection: Scan Rules Pack
All of the add-ons just containing release, beta and alpha status scan rules
ZAP Dev Team
0.0.1
packscanrules-alpha-0.0.1.zap
alpha
<p>First version.</p>
https://github.com/zaproxy/zap-extensions/releases/download/packscanrules-v0.0.1/packscanrules-alpha-0.0.1.zap
SHA-256:5ad68f153379bd96f36a7bead61e884cc42e1409cdd262dffc682b5f7bf92da4
https://www.zaproxy.org/docs/desktop/addons/collection-scan-rules-pack/
https://github.com/zaproxy/zap-extensions/
2022-05-13
9244
2.11.1
ascanrules
ascanrulesAlpha
ascanrulesBeta
domxss
pscanrules
pscanrulesAlpha
pscanrulesBeta
retire
plugnhack
Plug-n-Hack Configuration
Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack.
ZAP Dev Team
12
plugnhack-beta-12.zap
beta
<h3>Added</h3>
<ul>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Issue 2000 - Updated strings shown in context menu with title caps.</li>
<li>Change info URL to link to the site.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/plugnhack-v12/plugnhack-beta-12.zap
SHA-256:9a1cc0e664629e9f6aabdc1a2c13b800112bdc8b35b0cc4b375a011eb2430b49
https://www.zaproxy.org/docs/desktop/addons/plug-n-hack/
https://github.com/zaproxy/zap-extensions/
2021-10-07
729770
2.11.0
portscan
Port Scanner
Allows to port scan a target server
ZAP Dev Team
9
portscan-beta-9.zap
beta
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Update default values in the options to match the ones in the default configuration file.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/portscan-v9/portscan-beta-9.zap
SHA-256:be85aac379e3415ccd771b983ac52d208e5ddeb5b5e591fab047e97a895b2dfb
https://www.zaproxy.org/docs/desktop/addons/port-scan/
https://github.com/zaproxy/zap-extensions/
2021-10-07
714392
2.11.0
pscanrules
Passive scanner rules
The release status Passive Scanner rules
ZAP Dev Team
41
pscanrules-release-41.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>The "Viewstate without MAC Signature (Unsure)" alert will now only be raised at Low Alert Threshold (Issue 7230).</li>
<li>The Content Security Policy scan rule will now alert when "unsafe-hashes" are allowed.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Correct parameter and evidence for Cookie without SameSite Attribute when SAMESITE was set to None (Issue 7358).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/pscanrules-v41/pscanrules-release-41.zap
SHA-256:7d266cad2ac3bd691ec4cb8637be4e5cdc38861e4aced1196e257394b343bb9e
https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/
https://github.com/zaproxy/zap-extensions/
2022-06-24
1231843
2.11.1
commonlib
>= 1.7.0 & < 2.0.0
pscanrulesAlpha
Passive scanner rules (alpha)
The alpha status Passive Scanner rules
ZAP Dev Team
35
pscanrulesAlpha-alpha-35.zap
alpha
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
</ul>
<h3>Added</h3>
<ul>
<li>OWASP Web Security Testing Guide v4.2 mappings where applicable.</li>
<li>Sub Resource Integrity Attribute Missing scan rule will now include the suggested integrity hash (Base64 encoded SHA384 hash) as part of the relevant Alert's Other Info details if the referenced script can be found in the Sites Tree (Issue 5894).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesAlpha-v35/pscanrulesAlpha-alpha-35.zap
SHA-256:0f94d35c66b52642cf438311b301d439cddeb192f4d5582995220a2cf6c39e05
https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-alpha/
https://github.com/zaproxy/zap-extensions/
2021-12-01
651755
2.11.0
commonlib
>= 1.6.0 & < 2.0.0
pscanrulesBeta
Passive scanner rules (beta)
The beta status Passive Scanner rules
ZAP Dev Team
29
pscanrulesBeta-beta-29.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
<li>Maintenance changes.</li>
</ul>
<h3>Removed</h3>
<ul>
<li>Content Security Policy (CSP) Header Not Set scan rule promoted to release.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesBeta-v29/pscanrulesBeta-beta-29.zap
SHA-256:c03ea666858a108eff51cfd4e7cd141d172755e3a335ae0ed297707819d6769f
https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-beta/
https://github.com/zaproxy/zap-extensions/
2022-04-05
1021476
2.11.1
commonlib
>= 1.7.0 & < 2.0.0
quickstart
Quick Start
Provides a tab which allows you to quickly test a target application
ZAP Dev Team
33
quickstart-release-33.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
<li>Browser Launch/Manual Explore will now display a warning dialog if the selected browser executable cannot be found (Issue 6963).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/quickstart-v33/quickstart-release-33.zap
SHA-256:21ff2127d865b5204b4e09b50e9615bd4435823e3b8503ac5f731d5abbe6084e
https://www.zaproxy.org/docs/desktop/addons/quick-start/
https://github.com/zaproxy/zap-extensions/
2021-12-13
617848
2.11.1
callhome
>= 0.0.1
network
>= 0.0.1
reports
>= 0.4.0
reflect
Reflect
Finds reflected parameters
Caleb Kinney
0.0.11
reflect-alpha-0.0.11.zap
alpha
https://github.com/zaproxy/zap-extensions/releases/download/2.7/reflect-alpha-0.0.11.zap
SHA-256:c45307037042e4079546a5fcb17d1165475e5cdd5ba7e8abc0d2cf0a14866466
2021-02-19
1780219
2.9.0
regextester
Regular Expression Tester
Allows to test Regular Expressions
ZAP Dev Team
2
regextester-alpha-2.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Close dialogues when the add-on is uninstalled.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/regextester-v2/regextester-alpha-2.zap
SHA-256:b4706709c16a45e8bedc0bd6f28dd09532d5dbf3f1fe2c2853e20dbf6160a584
https://www.zaproxy.org/docs/desktop/addons/regular-expression-tester/
https://github.com/zaproxy/zap-extensions/
2021-10-07
159441
2.11.0
replacer
Replacer
Easy way to replace strings in requests and responses.
ZAP Dev Team
9
replacer-beta-9.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Update links to zaproxy repo.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/replacer-v9/replacer-beta-9.zap
SHA-256:0950fac81a04e0bb791fa514aac145e05fd3483f95584dd00d880157f65c12e3
https://www.zaproxy.org/docs/desktop/addons/replacer/
https://github.com/zaproxy/zap-extensions/
2021-10-06
334557
2.11.0
reports
Report Generation
Official ZAP Reports.
ZAP Dev Team
0.14.0
reports-release-0.14.0.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Exceptions when generating some reports without the Automation add-on being installed.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/reports-v0.14.0/reports-release-0.14.0.zap
SHA-256:bdb1859345e8b44a2d11f70d816d78a6fe781cdbccd7eb35557bc32769fd3c24
https://www.zaproxy.org/docs/desktop/addons/report-generation/
https://github.com/zaproxy/zap-extensions/
2022-06-22
66962107
2.11.1
requester
Requester
Request numbered panel.
Surikato
6
requester-alpha-6.zap
alpha
<h3>Added</h3>
<ul>
<li>Support for renaming tabs.</li>
<li>More help.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
<li>Maintenance changes.</li>
<li>Moved Help button to the Response tab.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/requester-v6/requester-alpha-6.zap
SHA-256:3d3e1aff47fc1446c6e25b8c718e276ee4bff9627e85743379a95e194140c77f
https://www.zaproxy.org/docs/desktop/addons/requester/
https://github.com/zaproxy/zap-extensions/
2022-05-10
165379
2.11.1
retest
Retest
An add-on to retest for presence/absence of previously generated alerts.
ZAP Dev Team
0.2.0
retest-alpha-0.2.0.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/retest-v0.2.0/retest-alpha-0.2.0.zap
SHA-256:b2fca87abb96b6e3748b3d834e6dd3e0f5cfbc2fede6c20b82cf157d87cbf2bf
https://www.zaproxy.org/docs/desktop/addons/retest/
https://github.com/zaproxy/zap-extensions/
2021-10-06
254909
2.11.0
automation
>=0.6.0
retire
Retire.js
Retire.js
Nikita Mundhada and the ZAP Dev Team
0.12.0
retire-release-0.12.0.zap
release
<h3>Changed</h3>
<ul>
<li>Updated with upstream retire.js pattern changes.</li>
<li>Relevant CVEs will now be added as Alert Tags when available.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/retire-v0.12.0/retire-release-0.12.0.zap
SHA-256:3ea093c8f4de6944a296b3655b79f38ecf62a8a147dd7f383f226ee128e5a342
https://www.zaproxy.org/docs/desktop/addons/retire.js/
https://github.com/zaproxy/zap-extensions/
2022-05-26
1210654
2.11.1
commonlib
>= 1.7.0 & < 2.0.0
reveal
Reveal
Show hidden fields and enable disabled fields
ZAP Dev Team
4
reveal-release-4.zap
release
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/reveal-v4/reveal-release-4.zap
SHA-256:b8f1e971ae15df7aab3d896ad88a4f503971db24fcff86d92fb243c476fc4f01
https://www.zaproxy.org/docs/desktop/addons/reveal/
https://github.com/zaproxy/zap-extensions/
2021-10-06
237540
2.11.0
revisit
Revisit
Revisit a site at any time in the past using the session history
ZAP Dev Team
4
revisit-alpha-4.zap
alpha
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
<li>Maintenance changes.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/revisit-v4/revisit-alpha-4.zap
SHA-256:445bb2a98e06d4ecc945c35c2777dae1b1e5b6ea20de78b920c8004bc3615195
https://www.zaproxy.org/docs/desktop/addons/revisit/
https://github.com/zaproxy/zap-extensions/
2021-10-07
299864
2.11.0
saml
SAML Support
Detect, Show, Edit, Fuzz SAML requests
ZAP Dev Team
9
saml-alpha-9.zap
alpha
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/saml-v9/saml-alpha-9.zap
SHA-256:37c167b76115a7a0710b1e8940591797da170961ca69f517c66a25b16712cb1a
https://www.zaproxy.org/docs/desktop/addons/saml-support/
https://github.com/zaproxy/zap-extensions/
2021-10-07
1809830
2.11.0
saverawmessage
Save Raw Message
Allows to save content of HTTP messages as binary
ZAP Dev Team
7
saverawmessage-release-7.zap
release
<h3>Retired</h3>
<ul>
<li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/saverawmessage-v7/saverawmessage-release-7.zap
SHA-256:530e0c46d30c9aeb0a6b4cc4fbb3d3083db0337cbb88ac0db96271076b9ec48b
https://www.zaproxy.org/docs/desktop/addons/save-raw-message/
https://github.com/zaproxy/zap-extensions/
2021-12-22
23464
2.11.1
exim
savexmlmessage
Save XML Message
Allows to save content of HTTP messages as XML
thatsn0tmysite
0.3.0
savexmlmessage-alpha-0.3.0.zap
alpha
<h3>Retired</h3>
<ul>
<li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/savexmlmessage-v0.3.0/savexmlmessage-alpha-0.3.0.zap
SHA-256:0a73d4d8f07a5e7c1e9140b22faa63fb3fbb51fb88d5e33ff297723564c0c79d
https://www.zaproxy.org/docs/desktop/addons/save-xml-message/
https://github.com/zaproxy/zap-extensions/
2021-12-22
6034
2.11.1
exim
scripts
Script Console
Supports all JSR 223 scripting languages
ZAP Dev Team
30
scripts-beta-30.zap
beta
<h3>Added</h3>
<ul>
<li>Automation ScriptJob - Add or remove any script and run a standalone script</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/scripts-v30/scripts-beta-30.zap
SHA-256:990819681db37ce24c346dc93e8065e226a3edaa0bf2a7b8986fa66b51a87d1a
https://www.zaproxy.org/docs/desktop/addons/script-console/
https://github.com/zaproxy/zap-extensions/
2022-02-25
714448
2.11.1
selenium
Selenium
WebDriver provider and includes HtmlUnit browser
ZAP Dev Team
15.9.0
selenium-release-15.9.0.zap
release
<h3>Changed</h3>
<ul>
<li>Use Network add-on to obtain main proxy address/port.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Restore usage of bundled ChromeDriver (<a href="https://github.com/zaproxy/zaproxy/issues/7272">Issue #7272</a>).</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/selenium-v15.9.0/selenium-release-15.9.0.zap
SHA-256:297114535a2e2973d96fcb18bc686cf46991386d3ccdb8157a884bc537a44228
https://www.zaproxy.org/docs/desktop/addons/selenium/
https://github.com/zaproxy/zap-extensions/
2022-05-06
24911785
2.11.1
network
>=0.2.0
sequence
Sequence
Gives the possibility of defining a sequence of requests to be scanned.
ZAP Dev Team
6
sequence-alpha-6.zap
alpha
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Issue 2000 - Updated strings shown in active scan dialog with title caps.</li>
<li>Enable help button in Sequence tab of Active Scan dialog.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/sequence-v6/sequence-alpha-6.zap
SHA-256:2849204eab9ea1da50404ab9604e5ec69440c490453a24392c9a40bf95cdb164
https://www.zaproxy.org/docs/desktop/addons/sequence-scanner/
https://github.com/zaproxy/zap-extensions/
2021-10-07
1556476
2.11.0
zest
soap
SOAP Support
Imports and scans WSDL files containing SOAP endpoints.
Alberto (albertov91) + ZAP Dev Team
13
soap-alpha-13.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.1.</li>
<li>Dependency updates.</li>
<li>When the automation Job is edited via UI Dialog then the status will be set to Not started</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Do not report "Unrecognised parameter" for valid parameters.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/soap-v13/soap-alpha-13.zap
SHA-256:bf24fb94dd9d604cca964e6b27d3a8df518a413758c4f7aacfeef41d513114aa
https://www.zaproxy.org/docs/desktop/addons/soap-support/
https://github.com/zaproxy/zap-extensions/
2022-02-01
13982769
2.11.1
commonlib
>= 1.5.0 & < 2.0.0
spiderAjax
Ajax Spider
Allows you to spider sites that make heavy use of JavaScript using Crawljax
ZAP Dev Team
23.7.0
spiderAjax-release-23.7.0.zap
release
<h3>Added</h3>
<ul>
<li>Automation authentication support</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Dependency updates.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/spiderAjax-v23.7.0/spiderAjax-release-23.7.0.zap
SHA-256:6e1b8c60a98efcb301f7d852ae108bc92cdda18a6a4d3c6ef8861f095e182931
https://www.zaproxy.org/docs/desktop/addons/ajax-spider/
https://github.com/zaproxy/zap-extensions/
2021-11-02
5810719
2.11.0
selenium
15.*
sqliplugin
Advanced SQLInjection Scanner
An advanced active injection bundle for SQLi (derived by SQLMap)
Andrea Pompili (Yhawke)
15
sqliplugin-beta-15.zap
beta
<h3>Fixed</h3>
<ul>
<li>Re-ordered variable initialization to prevent an NPE.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/sqliplugin-v15/sqliplugin-beta-15.zap
SHA-256:76e857bd2fea0b57b641862ea5bef46365ac1b03a19371c5e818a5401f7d9384
https://www.zaproxy.org/docs/desktop/addons/advanced-sqlinjection-scanner/
https://github.com/zaproxy/zap-extensions/
2021-10-20
534349
2.11.0
commonlib
>= 1.5.0 & < 2.0.0
sse
Server-Sent Events
Allows you to view Server-Sent Events (SSE) communication.
ZAP Dev Team
10
sse-alpha-10.zap
alpha
<h3>Added</h3>
<ul>
<li>Add info and repo URLs.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Terminology</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Adjust log levels to be less verbose.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/sse-v10/sse-alpha-10.zap
SHA-256:1adc14442cedd3336319e94c93659118998fee42ae340b4ba757f3e7af475853
https://www.zaproxy.org/docs/desktop/addons/server-sent-events/
https://github.com/zaproxy/zap-extensions/
2021-10-07
339239
2.11.0
svndigger
SVN Digger Files
SVN Digger files which can be used with ZAP forced browsing
ZAP Dev Team
4
svndigger-release-4.zap
release
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add repo URL.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Promote to release status.</li>
<li>Change info URL to link to the site.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/svndigger-v4/svndigger-release-4.zap
SHA-256:5556efdf3fdb84ebd6cf3e76ca31e3fb6fb57c002cf14b2cf2f05f67bf2b622a
https://www.zaproxy.org/docs/desktop/addons/svn-digger-files/
https://github.com/zaproxy/zap-extensions/
2021-10-07
713963
2.11.0
tips
Tips and Tricks
Display ZAP Tips and Tricks
ZAP Dev Team
9
tips-beta-9.zap
beta
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/tips-v9/tips-beta-9.zap
SHA-256:dd65cd0a0f1621bd759bd92fb0a4bdba67cdf498fdaea2c40a333035aec9df97
https://www.zaproxy.org/docs/desktop/addons/tips-and-tricks/
https://github.com/zaproxy/zap-extensions/
2021-10-06
563979
2.11.0
tokengen
Token Generation and Analysis
Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection
ZAP Dev Team
15
tokengen-beta-15.zap
beta
<h3>Changed</h3>
<ul>
<li>Now using 2.10 logging infrastructure (Log4j 2.x).</li>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/tokengen-v15/tokengen-beta-15.zap
SHA-256:daef1d13d44a76b8735a30ed9e1e50fa87a85d02728bd7ae575197d173f942f9
https://www.zaproxy.org/docs/desktop/addons/token-generator/
https://github.com/zaproxy/zap-extensions/
2021-10-07
525206
2.11.0
treetools
TreeTools
Tools to add functionality to the tree view.
Carl Sampson
8
treetools-beta-8.zap
beta
<h3>Added</h3>
<ul>
<li>Add help.</li>
<li>Add info and repo URLs.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/treetools-v8/treetools-beta-8.zap
SHA-256:b7f61f8939937ebc120bce8deb72713d7676087056e88801df2573112e7642e4
https://www.zaproxy.org/docs/desktop/addons/treetools/
https://github.com/zaproxy/zap-extensions/
2021-10-07
128931
2.11.0
viewstate
ViewState
ASP/JSF ViewState Decoder and Editor
Calum Hutton
3
viewstate-alpha-3.zap
alpha
<h3>Changed</h3>
<ul>
<li>Update minimum ZAP version to 2.11.0.</li>
<li>Maintenance changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/viewstate-v3/viewstate-alpha-3.zap
SHA-256:715caefd591415e79b32195361fea82aa8c6357b24e69530c22fde0a1b6dad17
https://www.zaproxy.org/docs/desktop/addons/viewstate/
https://github.com/zaproxy/zap-extensions/
2021-10-07
148716
2.11.0
wappalyzer
Wappalyzer - Technology Detection
Technology detection using Wappalyzer: wappalyzer.com
ZAP Dev Team
21.11.0
wappalyzer-release-21.11.0.zap
release
<p>###Changed</p>
<ul>
<li>Updated with upstream Wappalyzer icon and pattern changes.</li>
<li>Update Wappalyzer URL in help documentation.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Threading issue - only reproducible with currently unreleased core changes.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/wappalyzer-v21.11.0/wappalyzer-release-21.11.0.zap
SHA-256:6eef45d6603a9d01e2cfae66f5c292255b38562f8b8f70437222c08ad76e56b5
https://www.zaproxy.org/docs/desktop/addons/technology-detection/
https://github.com/zaproxy/zap-extensions/
2022-06-03
15807241
2.11.1
commonlib
>= 1.7.0 & < 2.0.0
webdriverlinux
Linux WebDrivers
Linux WebDrivers for Firefox and Chrome.
ZAP Dev Team
40
webdriverlinux-release-40.zap
release
<h3>Changed</h3>
<ul>
<li>Update ChromeDriver to 103.0.5060.53.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/webdriverlinux-v40/webdriverlinux-release-40.zap
SHA-256:2fe0e63184d625569537b279695794c99d85ecf400e1e87d098b93db5a74fad3
https://www.zaproxy.org/docs/desktop/addons/linux-webdrivers/
https://github.com/zaproxy/zap-extensions/
2022-06-23
12763973
2.11.1
webdrivermacos
MacOS WebDrivers
MacOS WebDrivers for Firefox and Chrome.
ZAP Dev Team
41
webdrivermacos-release-41.zap
release
<h3>Changed</h3>
<ul>
<li>Update ChromeDriver to 103.0.5060.53.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/webdrivermacos-v41/webdrivermacos-release-41.zap
SHA-256:239264131232e49e3b35c34f160eee61b8e68af736b145b29289c2c5eb055dff
https://www.zaproxy.org/docs/desktop/addons/macos-webdrivers/
https://github.com/zaproxy/zap-extensions/
2022-06-23
19830335
2.11.1
webdriverwindows
Windows WebDrivers
Windows WebDrivers for Firefox and Chrome.
ZAP Dev Team
40
webdriverwindows-release-40.zap
release
<h3>Changed</h3>
<ul>
<li>Update ChromeDriver to 103.0.5060.53.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/webdriverwindows-v40/webdriverwindows-release-40.zap
SHA-256:eb0c92c88844ee03edafe25c9dd889a68be08770c0fbaa8dee7a803eaeafa77a
https://www.zaproxy.org/docs/desktop/addons/windows-webdrivers/
https://github.com/zaproxy/zap-extensions/
2022-06-23
9449320
2.11.1
websocket
WebSockets
Allows you to inspect WebSocket communication.
ZAP Dev Team
26
websocket-release-26.zap
release
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Cache WebSocket Passive Rules scripts for better performance with all script engines.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Handle errors caused by WebSocket Passive Rules scripts, which would break the passive scan.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/websocket-v26/websocket-release-26.zap
SHA-256:965a94bf9486b15eed5ad0dde9d681a2c121282bed73da62df2a6916acd0a1aa
https://www.zaproxy.org/docs/desktop/addons/websockets/
https://github.com/zaproxy/zap-extensions/
2022-05-20
1413083
2.11.1
zest
Zest - Graphical Security Scripting Language
A graphical security scripting language, ZAPs macro language on steroids
ZAP Dev Team
35
zest-beta-35.zap
beta
<h3>Changed</h3>
<ul>
<li>Maintenance changes.</li>
<li>Update minimum ZAP version to 2.11.0.</li>
</ul>
https://github.com/zaproxy/zap-extensions/releases/download/zest-v35/zest-beta-35.zap
SHA-256:bbada2c5f2e07f9a8fc933eddb4d3f8bc33293c2b55c8489e3d81c42118f6667
https://www.zaproxy.org/docs/desktop/addons/zest/
https://github.com/zaproxy/zap-extensions/
2021-10-06
13570172
2.11.0
scripts
selenium
15.*