2.14.0 D-2021-10-18 https://github.com/zaproxy/zaproxy/releases/download/w2021-10-18/ZAP_WEEKLY_D-2021-10-18.zip ZAP_WEEKLY_D-2021-10-18.zip SHA-256:9d4bcb12e47293f3cbc4c32285b8469e620f092bb2519e65e12e5e528a25a8ad 188556676 https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2_14_0_windows-x32.exe ZAP_2_14_0_windows-x32.exe SHA-256:5dae52e27da12fba5115e40ebc0cd2da24f6d9ba91608a7b0b7b254984a0b798 220967424 https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2_14_0_windows.exe ZAP_2_14_0_windows.exe SHA-256:df49ffbd14cf82cde5ac06902615e40cbfce1576f866436366708c0845eb9ec6 221097472 https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2.14.0_Linux.tar.gz ZAP_2.14.0_Linux.tar.gz SHA-256:219d7f25bbe25247713805ab02cc12279898c870743c1aae3c2b0b1882191960 215142045 https://github.com/zaproxy/zaproxy/releases/download/v2.14.0/ZAP_2.14.0.dmg ZAP_2.14.0.dmg SHA-256:3b9862a647b1c5c26d6917f2316113dfaceac06bdb79ad3f2c96e0cbd73861f7 244671708 Bug fix and enhancement release. https://www.zaproxy.org/docs/desktop/releases/2.14.0/ accessControl Access Control Testing Adds a set of tools for testing access control in web applications. ZAP Dev Team 7 accessControl-alpha-7.zap alpha <h3>Changed</h3> <ul> <li>Don't set the font color for inherited entries (Issue 6397).</li> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes (some changes impact the visibility of variables and add getters/setters, which may impact third party add-ons or scripts).</li> <li>Change to no longer rely on core report classes, which are going to be deleted.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/accessControl-v7/accessControl-alpha-7.zap SHA-256:5bfa0e14cf227bc402c58bd35c19c474b781e519585f3d62c2b174e8c6ac55a0 https://www.zaproxy.org/docs/desktop/addons/access-control-testing/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 591286 2.11.0 alertFilters Alert Filters Allows you to automate the changing of alert risk levels. ZAP Dev Team 13 alertFilters-release-13.zap release <h3>Added</h3> <ul> <li>Stats for alerts changed</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Dialogs being shown under the owning dialog / frame.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/alertFilters-v13/alertFilters-release-13.zap SHA-256:71ecbe94847cf1ade03ed81d57831d806317b65c72d468521fb43f280dd710a9 https://www.zaproxy.org/docs/desktop/addons/alert-filters/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 523886 2.11.0 allinonenotes All In One Notes A simple extension to view all notes in one pane. David Vassallo 2 allinonenotes-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update link to repository.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/allinonenotes-v2/allinonenotes-alpha-2.zap SHA-256:9e70d6e76b72692e9c0cb64002a692b710710e688ea2d8834818086300632d2a https://www.zaproxy.org/docs/desktop/addons/all-in-one-notes/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 249532 2.11.0 amf AMF Support Adds support for AMF messages ZAP Dev Team 3 amf-alpha-3.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/amf-v3/amf-alpha-3.zap SHA-256:01345ea00a6623d794753a3210f4e3e2b50a8c4ce2bfa6ea57324f0ff01ad7e3 https://www.zaproxy.org/docs/desktop/addons/amf-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 911943 2.11.0 ascanrules Active scanner rules The release status Active Scanner rules ZAP Dev Team 48 ascanrules-release-48.zap release <h3>Changed</h3> <ul> <li>Command Injection Scan Rule: Decode HTML entities in HTML responses before attempting to search for attack validation patterns.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrules-v48/ascanrules-release-48.zap SHA-256:5f777623d2f4ec74c16d84ccf00c6751e45a8c3b65398405dd53d4f9e65f3d5b https://www.zaproxy.org/docs/desktop/addons/active-scan-rules/ https://github.com/zaproxy/zap-extensions/ 2022-09-22 2517902 2.11.1 commonlib >= 1.9.0 & < 2.0.0 ascanrulesAlpha Active scanner rules (alpha) The alpha status Active Scanner rules ZAP Dev Team 40 ascanrulesAlpha-alpha-40.zap alpha <h3>Added</h3> <ul> <li>Text4shell (CVE-2022-42889) Scan Rule.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix an exception in Bypassing 403 scan rule when creating example alerts.</li> </ul> <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesAlpha-v40/ascanrulesAlpha-alpha-40.zap SHA-256:ea323b1481524ac1a1034682c5a371cfee6256a69e54d4f12ef5a3f4654a5ae3 https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-alpha/ https://github.com/zaproxy/zap-extensions/ 2022-10-19 605953 2.11.1 commonlib >= 1.9.0 & < 2.0.0 oast >= 0.7.0 ascanrulesBeta Active scanner rules (beta) The beta status Active Scanner rules ZAP Dev Team 42 ascanrulesBeta-beta-42.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Improved description, solution, and references for the Integer Overflow scan rule.</li> <li>Added new Custom Payloads alert tag to the example alerts of the Hidden File Finder and User Agent scan rules.</li> </ul> <h3>Added</h3> <ul> <li>New User Agent strings to the User Agent fuzz scan rule.</li> <li>Additional source control paths for the Hidden Files finder scan rule.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesBeta-v42/ascanrulesBeta-beta-42.zap SHA-256:0ad211cf28d253c68c7055d022b500588e153f523fa2d1464b3a922c43a51400 https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-beta/ https://github.com/zaproxy/zap-extensions/ 2022-09-22 2083667 2.11.1 commonlib >= 1.10.0 & < 2.0.0 network >= 0.1.0 oast >= 0.7.0 attacksurfacedetector Attack Surface Detector The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing. Secure Decisions (Matthew DeLetto) 1.1.4 attacksurfacedetector-alpha-1.1.4.zap alpha Various incremental changes (see https://github.com/secdec/attack-surface-detector-zap/releases)<br> Fix un-handled exception when target unavailable & address various "house keeping" tasks.<br> https://github.com/zaproxy/zap-extensions/releases/download/2.7/attacksurfacedetector-alpha-1.1.4.zap SHA1:e21758c2cdcbc7806f44cc986a88360457eff82e https://github.com/secdec/attack-surface-detector-zap/wiki https://github.com/secdec/attack-surface-detector-zap/ 2019-03-07 15604948 2.7.0 authstats Authentication Statistics Records logged in/out statistics for all contexts in scope. ZAP Dev Team 2 authstats-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Dynamically unload the add-on.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/authstats-v2/authstats-alpha-2.zap SHA-256:cfb604c27f3a7a58e7b5aa55fe9f19a9ce5561fab3ef7d3f6c72845671fb5dcf https://www.zaproxy.org/docs/desktop/addons/authentication-statistics/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 247499 2.11.0 automation Automation Framework Automation Framework. ZAP Dev Team 0.18.0 automation-beta-0.18.0.zap beta <h3>Added</h3> <ul> <li>Add support for headers in the requestor job (Issue 6917).</li> </ul> <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>Allow spider to run if no OK response (Issue 7510).</li> <li>Bug in passive scan reporting code which prevented specified alerts from being read.</li> <li>NPE when adding users to more than one context.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/automation-v0.18.0/automation-beta-0.18.0.zap SHA-256:85776818b38d49577fb8c45fe399d028b4634438f5771fe8fd6aa7a74117b4f7 https://www.zaproxy.org/docs/desktop/addons/automation-framework/ https://github.com/zaproxy/zap-extensions/ 2022-10-12 4333826 2.11.1 beanshell BeanShell Console Provides a BeanShell Console ZAP Dev Team 7 beanshell-beta-7.zap beta <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> <li>Improve permissions and space handling when saving.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/beanshell-v7/beanshell-beta-7.zap SHA-256:0a83cb7d0369ccef50768ccbda1e6c6d82b9f4e3bd9372b38fd32cc21f6a30fb https://www.zaproxy.org/docs/desktop/addons/bean-shell/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 577838 2.11.0 browserView Browser View Adds an option to render HTML responses like a browser ZAP Dev Team 5 browserView-alpha-5.zap alpha Allow to properly scroll the rendered page. https://github.com/zaproxy/zap-extensions/releases/download/2.7/browserView-alpha-5.zap SHA1:0aaf81863ad1011136416b49a05eba3d8b262a02 https://www.zaproxy.org/docs/desktop/addons/browser-view/ https://github.com/zaproxy/zap-extensions/ 2017-11-28 193880 2.4.0 bruteforce Forced Browse Forced browsing of files and directories using code from the OWASP DirBuster tool ZAP Dev Team 11 bruteforce-beta-11.zap beta <h3>Changed</h3> <ul> <li>Send HTTP messages with ZAP, making use of all its features (e.g. user authentication, custom user-agent, HTTP Sender scripts) (Issues 173 and 3060).</li> <li>Now using 2.10 logging infrastructure (Log4j 2.x).</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/bruteforce-v11/bruteforce-beta-11.zap SHA-256:b0713b47c7e16a33d46002382b83ebcdd18bfdf852bf021574378dde49f347fc https://www.zaproxy.org/docs/desktop/addons/forced-browse/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 548895 2.11.0 bugtracker Bug Tracker Bug Tracker extension. ZAP Dev Team 4 bugtracker-alpha-4.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Dependency updates.</li> <li>Maintenance changes.</li> <li>Updated to use PAT not password (https://github.blog/changelog/2021-08-12-git-password-authentication-is-shutting-down/).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/bugtracker-v4/bugtracker-alpha-4.zap SHA-256:37c57f8e7f4a1608500527ac1831f8b078427f804ea04ad5790a2970e3e1b722 https://www.zaproxy.org/docs/desktop/addons/bug-tracker/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 3707425 2.11.1 callgraph Call Graph Allows the user to view a call graph of the selected resources Colm O'Flaherty 5 callgraph-alpha-5.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/callgraph-v5/callgraph-alpha-5.zap SHA-256:0874ce5aad0c4bbf28f72627a4940759d328396e12b7d6a5596f2e41bf24dc4e https://www.zaproxy.org/docs/desktop/addons/call-graph/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 925930 2.11.0 callhome Call Home Handles all of the calls to ZAP services. ZAP Dev Team 0.4.0 callhome-alpha-0.4.0.zap alpha <h3>Changed</h3> <ul> <li>Show a more user friendly log and Output tab message when Java's truststore may not contain the CA certificate(s) for intermediate proxy(ies) (Issue 1623).</li> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>HTTP Sender listeners could modify CFU and telemetry requests.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/callhome-v0.4.0/callhome-alpha-0.4.0.zap SHA-256:38faabf191d3653c3b3f7c14ea3991409fdd997fc8f5534a32ce813dc6d6f92e https://www.zaproxy.org/docs/desktop/addons/call-home/ https://github.com/zaproxy/zap-extensions/ 2022-07-18 318509 2.11.1 codedx Code Dx Extension Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server Code Dx, Inc. 9 codedx-alpha-9.zap alpha <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> <li>Maintenance changes.</li> <li>Change to no longer rely on core report classes, which are going to be deleted.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/codedx-v9/codedx-alpha-9.zap SHA-256:767e0a098de281f0bc880b036a5192f26fe0bb014b81227b385a0b63ca570428 https://www.zaproxy.org/docs/desktop/addons/code-dx/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1769797 2.11.0 commonlib Common Library A common library, for use by other add-ons. ZAP Dev Team 1.10.0 commonlib-release-1.10.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/commonlib-v1.10.0/commonlib-release-1.10.0.zap SHA-256:0e5dd83df042ee08a5dad17c00233bad09123e52df3bbc5579fd96aeb008babf https://github.com/zaproxy/zap-extensions/ 2022-09-15 4081774 2.11.1 communityScripts Community Scripts Useful ZAP scripts written by the ZAP community. ZAP Community 15 communityScripts-alpha-15.zap alpha <h3>Added</h3> <ul> <li>active/RCE.py</li> <li>active/SSTI.py</li> <li>active/SSTI.js - An active scan script to check for SSTI in 14 different template engines.</li> <li>httpfuzzerprocessor/addCacheBusting.js - Fuzzing with cache busting.</li> <li>encode-decode <ul> <li>README.md - Summary of the script type.</li> <li>double-spacer.js - A script that inserts a space after every character in a string.</li> </ul> </li> <li>standalone/SecurityCrawlMazeScore.js</li> <li>scan-hooks/LogMessagesHook.py and httpsender/LogMessages.js to help debugging, especially in docker.</li> </ul> <h3>Changed</h3> <ul> <li>standalone/enableDebugLogging.js &gt; Updated for more recent logging funtionality.</li> <li>Update JS scripts to use passed singleton variables (control, model, view) if available (&gt;= ZAP 2.12.0).</li> <li>passive/Server Header Disclosure.js &gt; Updated to check that the Server Header contains something that looks like a semantic version component.</li> </ul> https://github.com/zaproxy/community-scripts/releases/download/v15/communityScripts-alpha-15.zap SHA-256:df178cb433864303dd9670fc4c66303db2ee88ee55e72621009f4d68d5bcec96 https://www.zaproxy.org/docs/desktop/addons/community-scripts/ https://github.com/zaproxy/community-scripts/ 2022-10-02 459421 2.11.0 coreLang Core Language Files Translations of the core language files ZAP Dev Team 15 coreLang-release-15.zap release <h3>Changed</h3> <ul> <li>Update the languages files from Crowdin.</li> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/coreLang-v15/coreLang-release-15.zap SHA-256:d8258b914ffc95820dd045acf56677668a8cbbfc759290f72e30210056dfb88c https://crowdin.com/project/zaproxy https://github.com/zaproxy/zap-extensions/ 2022-02-14 4616009 2.11.1 custompayloads Custom Payloads Ability to add, edit or remove payloads that are used i.e. by active scanners ZAP Dev Team 0.12.0 custompayloads-alpha-0.12.0.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.1.</li> <li>Add help content linking to the Scan Rules which support Custom Payloads.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/custompayloads-v0.12.0/custompayloads-alpha-0.12.0.zap SHA-256:8e31acafdc1e2246e25953d8ccb87efa189a3fdadc596331feabeccc99dece65 https://www.zaproxy.org/docs/desktop/addons/custom-payloads/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 236404 2.11.1 diff Diff Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch ZAP Dev Team 11 diff-beta-11.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> <li>Updated menu items to use title caps (Issue 2000).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/diff-v11/diff-beta-11.zap SHA-256:a3ae6f59d98e28112f4a5e2616bfaca48823af746affa1729f32eaa1d7398aaa https://www.zaproxy.org/docs/desktop/addons/diff/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 282304 2.11.0 directorylistv1 Directory List v1.0 List of directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 5 directorylistv1-release-5.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv1-v5/directorylistv1-release-5.zap SHA-256:c1c0e14aac2ce203bdfd3a038f9b9dcf0b498f404936c3ff96e5a4614f611b9f https://www.zaproxy.org/docs/desktop/addons/directory-list-v1.0/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 960428 2.11.0 directorylistv2_3 Directory List v2.3 Lists of directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 4 directorylistv2_3-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3-v4/directorylistv2_3-release-4.zap SHA-256:3a8b04b9363b57acd9cf8cd67abce4c630f986e2b492a1ebd01eaa9587a0a199 https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 8722229 2.11.0 directorylistv2_3_lc Directory List v2.3 LC Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 4 directorylistv2_3_lc-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3_lc-v4/directorylistv2_3_lc-release-4.zap SHA-256:2603580ba53673c31800ef7373e7cc09de759369b6f8fb43cc9e5024ad5d9af4 https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3-lc/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 7569974 2.11.0 domxss DOM XSS Active scanner rule DOM XSS Active scanner rule Aabha Biyani, ZAP Dev Team 13 domxss-beta-13.zap beta <h3>Added</h3> <ul> <li>OWASP Web Security Testing Guide v4.2 mappings.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Use Network add-on to proxy browser requests.</li> </ul> <h3>Fixed</h3> <ul> <li>Stop the proxy when ZAP shuts down.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/domxss-v13/domxss-beta-13.zap SHA-256:9fe5a3f5c404e750767ba72ba6ac4784cc78bdb3233b3e551f1715717a3d48df https://www.zaproxy.org/docs/desktop/addons/dom-xss-active-scan-rule/ https://github.com/zaproxy/zap-extensions/ 2022-08-02 271106 2.11.1 commonlib >= 1.6.0 & < 2.0.0 network >=0.1.0 selenium 15.* encoder Encoder Adds encode/decode/hash dialog and support for scripted processors as well ZAP Dev Team 0.6.0 encoder-beta-0.6.0.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Removed</h3> <ul> <li>Groovy default template moved to Groovy add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/encoder-v0.6.0/encoder-beta-0.6.0.zap SHA-256:1615f183c89245b187b729a3e33ccc16dd43a39fa3fb0b0b94f719b649930eb4 https://www.zaproxy.org/docs/desktop/addons/encode-decode-hash/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 388487 2.11.0 evalvillain Eval Villain Adds the Eval Villain extension to Firefox when launched from ZAP. Dennis Goodlett and the ZAP Dev Team 0.1.1 evalvillain-alpha-0.1.1.zap alpha <h3>Fixed</h3> <ul> <li>Fix the downloaded version of the Eval Villain Firefox extension.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/evalvillain-v0.1.1/evalvillain-alpha-0.1.1.zap SHA-256:b0932f4f8fec19bf0dfae1dbe3668bbdadc6092707ea360216e37fdc8ae457cd https://www.zaproxy.org/docs/desktop/addons/eval-villain/ https://github.com/zaproxy/zap-extensions/ 2022-02-15 4943171 2.11.1 selenium >=15.5.0 exim Import/Export Import and Export functionality ZAP Dev Team & thatsn0tmysite 0.2.0 exim-beta-0.2.0.zap beta <h3>Fixed</h3> <ul> <li>Tweaked import functionality to mark import progress components completed when an exception occurs during import (thus allowing them to be cleared properly).</li> <li>HAR imports will now use an indeterminate progress bar if the count of entries cannot be determined.</li> <li>Correct import of HAR responses to allow them to be passively scanned.</li> </ul> <h3>Added</h3> <ul> <li>Copy URLs, Export Context URLs, Export Selected URLs, Export Messages, and Export Responses functionality similar to what was previously offered via core functionality.</li> <li>Stats for migrated core components.</li> </ul> <h3>Changed</h3> <ul> <li>Save RAW functionality now includes an All option which saves the entire HTTP message.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/exim-v0.2.0/exim-beta-0.2.0.zap SHA-256:fd05904344b9a605bb1e336c2f584993d7b98c988ce8d4d425d791110df5a824 https://www.zaproxy.org/docs/desktop/addons/import-export/ https://github.com/zaproxy/zap-extensions/ 2022-07-20 405753 2.11.1 commonlib >= 1.8.0 & < 2.0.0 fileupload FileUpload Detect File upload requests and scan them to find related vulnerabilities KSASAN preetkaran20@gmail.com 1.1.0 fileupload-alpha-1.1.0.zap alpha https://github.com/zaproxy/zap-extensions/releases/download/2.7/fileupload-alpha-1.1.0.zap SHA-256:47f2d93c6a53c55983056af282ebef09e80d27c0980517a73347778ad9e47932 https://github.com/SasanLabs/owasp-zap-fileupload-addon/ 2021-09-17 77520 2.11.0 formhandler Form Handler This Form Handler Add-on allows a user to define field names and values to be used in a form's fields. Fields can be added, modified, enabled, and deleted for use in form fields. ZAP Dev Team 6.0.0 formhandler-beta-6.0.0.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Expose value generator for other add-ons (Related to Issue 3113).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/formhandler-v6.0.0/formhandler-beta-6.0.0.zap SHA-256:0df12b952c8fb949e24cdd74e7ebf01de7ac3be11ba0e1ddfe389411c7a82a3e https://www.zaproxy.org/docs/desktop/addons/form-handler/ https://github.com/zaproxy/zap-extensions/ 2022-09-21 2201958 2.11.1 fuzz Fuzzer Advanced fuzzer for manual testing ZAP Dev Team 13.7.0 fuzz-beta-13.7.0.zap beta <h3>Changed</h3> <ul> <li>Allow circular redirects always.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/fuzz-v13.7.0/fuzz-beta-13.7.0.zap SHA-256:aa60042375750eabaaa779706caef2679f314fdd1a06c65b4199c58333cf3723 https://www.zaproxy.org/docs/desktop/addons/fuzzer/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 2002848 2.11.1 fuzzdb FuzzDB Files FuzzDB files which can be used with the ZAP fuzzer ZAP Dev Team 9 fuzzdb-release-9.zap release <h3>Changed</h3> <ul> <li>Updated RAFT lists based on more recent SecLists contributions</li> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/fuzzdb-v9/fuzzdb-release-9.zap SHA-256:c79537362cd6b383f447359685e3bd51795600b97ca0c1fadc4ba74828a7d4f4 https://www.zaproxy.org/docs/desktop/addons/fuzzdb-files/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 6167205 2.11.1 fuzzdboffensive FuzzDB Offensive FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing ZAP Dev Team 4 fuzzdboffensive-release-4.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.10.0.</li> </ul> https://github.com/zaproxy/fuzzdb-offensive/releases/download/v4/fuzzdboffensive-release-4.zap SHA-256:06bf75d2745c8f6e9a861597a31bab2d3f96058a3c497539a3ba234c687e796a https://www.zaproxy.org/docs/desktop/addons/fuzzdb-offensive/ https://github.com/zaproxy/fuzzdb-offensive/ 2021-06-11 414373 2.10.0 gettingStarted Getting Started with ZAP Guide A short Getting Started with ZAP Guide ZAP Dev Team 13 gettingStarted-release-13.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Updated for 2.11.0</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/gettingStarted-v13/gettingStarted-release-13.zap SHA-256:3eea769ec19f28c2ac7e924f5c77dbd1c3c59f40f409a1fcd3bf97cebdfd36ad https://www.zaproxy.org/docs/desktop/addons/getting-started-guide/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 707048 2.11.0 graaljs GraalVM JavaScript Provides the GraalVM JavaScript engine for ZAP scripting. ZAP Dev Team 0.2.0 graaljs-alpha-0.2.0.zap alpha <h3>Added</h3> <ul> <li>encode-decode Default and rot13 templates.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update links to zaproxy repo.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/graaljs-v0.2.0/graaljs-alpha-0.2.0.zap SHA-256:6201ffc802a1d4922a4f2b5ea38f58a7332a5638e3719f4796efba375aa15045 https://github.com/zaproxy/zap-extensions/ 2021-10-06 20440785 2.11.0 graphql GraphQL Support Inspect and attack GraphQL endpoints. ZAP Dev Team 0.10.0 graphql-alpha-0.10.0.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update dependency, which reduces add-on file size (Issue 7322).</li> <li>Use Spider add-on (Issue 3113).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/graphql-v0.10.0/graphql-alpha-0.10.0.zap SHA-256:d6b3db0ec9340e2d3ef942f39933d6882ec36eff093f1944381dbbcd67cb196b https://www.zaproxy.org/docs/desktop/addons/graphql-support/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 5117751 2.11.1 groovy Groovy Support Adds Groovy support to ZAP ZAP Dev Team 3.1.0 groovy-beta-3.1.0.zap beta <h3>Added</h3> <ul> <li>encode-decode default template.</li> </ul> <h3>Changed</h3> <ul> <li>Update links to zaproxy and zap-extensions repos.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/groovy-v3.1.0/groovy-beta-3.1.0.zap SHA-256:ee208309c6b9619f6527a05f48949e38e1476f2b3fa7c6e32fbd1111f4bdac58 https://www.zaproxy.org/docs/desktop/addons/groovy-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 19006812 2.11.0 help Help - English English version of the ZAP help file. ZAP Crowdin Team 14 help-release-14.zap release <h3>Changed</h3> <ul> <li>Updated 2.11.1 release notes.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help-v14/help-release-14.zap SHA-256:b9a0927ce7a80df42b28b40beafad0ecfa34e45d628b302cf93e0bc825d93ee8 https://www.zaproxy.org/docs/desktop/ https://github.com/zaproxy/zap-core-help/ 2021-12-10 875420 2.10.0 help_ar_SA Help - Arabic Arabic version of the ZAP help file. ZAP Crowdin Team 1 help_ar_SA-alpha-1.zap alpha <ul> <li>First version.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ar_SA-v1/help_ar_SA-alpha-1.zap SHA-256:8208b0c788d5e29a2bb34f3c44c07db613faefb17d8d9cfb60adc02629c2b3f1 https://github.com/zaproxy/zap-core-help/ 2022-01-18 649333 2.11.0 help_bs_BA Help - Bosnian Bosnian version of the ZAP help file. ZAP Crowdin Team 9 help_bs_BA-alpha-9.zap alpha Updated with the latest files from crowdin https://github.com/zaproxy/zap-extensions/releases/download/2.7/help_bs_BA-alpha-9.zap SHA1:d33a3277e877da4734e6bf9c911c61c4e6ce2f3f 2018-02-08 747536 2.7.0 help_es_ES Help - Spanish Spanish version of the ZAP help file. ZAP Crowdin Team 10 help_es_ES-release-10.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_es_ES-v10/help_es_ES-release-10.zap SHA-256:63cc24e180374cf038d6aefe31b3f62e170437958ad61d2d3e65d2722fbedc1a https://github.com/zaproxy/zap-core-help/ 2022-01-18 697066 2.11.0 help_fil_PH Help - Filipino Filipino version of the ZAP help file. ZAP Crowdin Team 3 help_fil_PH-alpha-3.zap alpha <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_fil_PH-v3/help_fil_PH-alpha-3.zap SHA-256:64bbeb0f9404b70c0d49e9fd5da789b8d3902a20f518c7305eb412242831a180 https://github.com/zaproxy/zap-core-help/ 2022-01-18 710027 2.11.0 help_fr_FR Help - French French version of the ZAP help file. ZAP Crowdin Team 10 help_fr_FR-alpha-10.zap alpha <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_fr_FR-v10/help_fr_FR-alpha-10.zap SHA-256:f1ede9441e5de48170fdef598eb543ef6ad0813eed2e838d2c4803ea114fcb1a https://github.com/zaproxy/zap-core-help/ 2022-01-18 646717 2.11.0 help_id_ID Help - Indonesian Indonesian version of the ZAP help file. ZAP Crowdin Team 3 help_id_ID-beta-3.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_id_ID-v3/help_id_ID-beta-3.zap SHA-256:ef50363872d783c3c49417bc821b28256cf35d8390004c48f6d4e030ceb8a7c5 https://github.com/zaproxy/zap-core-help/ 2022-01-18 671009 2.11.0 help_ja_JP Help - Japanese Japanese version of the ZAP help file. ZAP Crowdin Team 10 help_ja_JP-beta-10.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ja_JP-v10/help_ja_JP-beta-10.zap SHA-256:11d310352e8719fe50587c5b97dd5eeb3a2e2ab23e450a7c1d0fad013d003536 https://github.com/zaproxy/zap-core-help/ 2022-01-18 661964 2.11.0 help_ms_MY Help - Malay Malay version of the ZAP help file. ZAP Crowdin Team 1 help_ms_MY-alpha-1.zap alpha <ul> <li>First version.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ms_MY-v1/help_ms_MY-alpha-1.zap SHA-256:6407990b8ebaa2e401c3addc47081c742ab7fce25cec107ef49b4e627ad3ceae https://github.com/zaproxy/zap-core-help/ 2022-01-18 636908 2.11.0 help_pt_BR Help - Portuguese, Brazilian Portuguese, Brazilian version of the ZAP help file. ZAP Crowdin Team 11 help_pt_BR-release-11.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_pt_BR-v11/help_pt_BR-release-11.zap SHA-256:3fdf92763c1c851848df6b3588c97bbeb22837002351fd00c8208d8ab01ff710 https://github.com/zaproxy/zap-core-help/ 2022-01-18 682092 2.11.0 help_ru_RU Help - Russian Russian version of the ZAP help file. ZAP Crowdin Team 2 help_ru_RU-release-2.zap release <h3>Changed</h3> <ul> <li>Promote to Release</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ru_RU-v2/help_ru_RU-release-2.zap SHA-256:3fd5d8e6af7453a3a16e7c38a19ec941a330d0fd050f562ecebdc4638ae52c80 https://github.com/zaproxy/zap-core-help/ 2022-02-24 779171 2.11.0 help_tr_TR Help - Turkish Turkish version of the ZAP help file. ZAP Crowdin Team 2 help_tr_TR-release-2.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_tr_TR-v2/help_tr_TR-release-2.zap SHA-256:a92b43beab5e196341d8ddf40d594f1596c225c74f0f5b9280e223acc9a8535c https://github.com/zaproxy/zap-core-help/ 2022-01-18 710766 2.11.0 help_zh_CN Help - Chinese Simplified Chinese Simplified version of the ZAP help file. ZAP Crowdin Team 3 help_zh_CN-beta-3.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_zh_CN-v3/help_zh_CN-beta-3.zap SHA-256:959b718a307ca32c7807c0d327533765eeb6a0a799b9bc98a2a1e22b3b47bc5a https://github.com/zaproxy/zap-core-help/ 2022-01-18 656718 2.11.0 highlighter Highlighter Allows you to highlight strings in the request and response tabs. ZAP Dev Team 8 highlighter-alpha-8.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/highlighter-v8/highlighter-alpha-8.zap SHA-256:4c4852bb2f42eb20dbe19a091e9025667947c73967a65770658333bedd01fccf https://www.zaproxy.org/docs/desktop/addons/highlighter/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 115527 2.11.0 hud HUD - Heads Up Display Display information from ZAP in browser. ZAP Dev Team 0.14.0 hud-beta-0.14.0.zap beta <h3>Added</h3> <ul> <li>Added accessibility fixes for rapid navigation between panels.</li> <li>Added semantic roles and better labelling for screen reader users.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Depend on Network add-on for the tutorial server.</li> </ul> <h3>Fixed</h3> <ul> <li>Problems with Firefox 103+</li> <li>Spider status post 2.11.1</li> </ul> https://github.com/zaproxy/zap-hud/releases/download/v0.14.0/hud-beta-0.14.0.zap SHA-256:26bed90b59b68b11220aff6c5c343d5f42291d950eda1752f2d1609f50896719 https://www.zaproxy.org/docs/desktop/addons/hud/ https://github.com/zaproxy/zap-hud/ 2022-09-22 1385048 2.11.1 network >= 0.1.0 websocket imagelocationscanner Image Location and Privacy Scanner Image Location and Privacy Passive Scanner Jay Ball (veggiespam) and the ZAP Dev Team 4 imagelocationscanner-beta-4.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> </ul> <h3>Added</h3> <ul> <li>OWASP Web Security Testing Guide v4.2 mappings.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/imagelocationscanner-v4/imagelocationscanner-beta-4.zap SHA-256:6d168e4d156335a0544619011b742e47e6dc1d492a2d63a0e8f787b28796b2c9 https://www.zaproxy.org/docs/desktop/addons/image-location-and-privacy-scanner/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 1138093 2.11.1 commonlib >= 1.6.0 & < 2.0.0 importLogFiles Log File Importer Allows you to import log files from ModSecurity and files previously exported from ZAP Joseph Kirwin, ZAP Dev Team 6 importLogFiles-alpha-6.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/importLogFiles-v6/importLogFiles-alpha-6.zap SHA-256:8e9383c3c8f13abbb98e4726cff2d0843e350e9214dd89c74778a46d679711a2 https://www.zaproxy.org/docs/desktop/addons/log-file-importer/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 156767 2.11.1 exim importurls Import files containing URLs Adds an option to import a file of URLs. The file must be plain text with one URL per line. ZAP Dev Team 9 importurls-beta-9.zap beta <h3>Retired</h3> <ul> <li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/importurls-v9/importurls-beta-9.zap SHA-256:1dd3602a9fa88ff2834643556226fd2129561abf217d8b4ac0d7281e55be06ee https://www.zaproxy.org/docs/desktop/addons/import-urls/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 231139 2.11.1 exim invoke Invoke Applications Invoke external applications passing context related information such as URLs and parameters ZAP Dev Team 11 invoke-beta-11.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/invoke-v11/invoke-beta-11.zap SHA-256:088ed335a7dbe1ad1569fc249e1a395f1957e39598c6d4d648cdc49780cb71fc https://www.zaproxy.org/docs/desktop/addons/invoke-applications/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 322829 2.11.0 jruby Ruby Scripting Allows Ruby to be used for ZAP scripting - templates included ZAP Dev Team 8 jruby-beta-8.zap beta <h3>Changed</h3> <ul> <li>Update links to zaproxy repo.</li> <li>Rename reliability to confidence in active/passive templates.</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jruby-v8/jruby-beta-8.zap SHA-256:f5bb450a165f6c407b8d24f7b2776bdc7a2edb0b4b42aea385f8a6ad1ae605ca https://www.zaproxy.org/docs/desktop/addons/ruby-scripting/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 21968128 2.11.0 jsonview JSON View Adds a view that shows JSON messages nicely formatted Juha Kivekäs 2 jsonview-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add the main context menu to the JSON view.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Capitalize the view dropdown menu entry (related to Issue 2000).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jsonview-v2/jsonview-alpha-2.zap SHA-256:49fd8995eac7724e5a60f7b6d7f10cfb617f3f083b6f23406075631ba23c7ebc https://www.zaproxy.org/docs/desktop/addons/json-view/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 119886 2.11.0 jwt JWT Support Detect JWT requests and scan them to find related vulnerabilities KSASAN preetkaran20@gmail.com 1.0.2 jwt-alpha-1.0.2.zap alpha <ul> <li>First version of JWT Support. <ul> <li>Contains scanning rules for basic JWT related vulnerabilities.</li> <li>Contains JWT Fuzzer for fuzzing the JWT's present in the request.</li> </ul> </li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/2.7/jwt-alpha-1.0.2.zap SHA-256:f35af7bb3fbb88ae3da5ab0ac7a5c562463dfab521f3e54c7194b44358f793b3 https://github.com/SasanLabs/owasp-zap-jwt-addon/ 2022-01-22 751195 2.11.1 commonlib fuzz 13.* jython Python Scripting Allows Python to be used for ZAP scripting - templates included ZAP Dev Team 12 jython-beta-12.zap beta <h3>Added</h3> <ul> <li>encode-decode default and rot13 templates.</li> </ul> <h3>Changed</h3> <ul> <li>Update links to zaproxy repo.</li> <li>Rename reliability to confidence in active/passive templates.</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jython-v12/jython-beta-12.zap SHA-256:4519b862edf8f006c429c86b0152ade561b660ae6f74cfce684b272f4fe28ef1 https://www.zaproxy.org/docs/desktop/addons/python-scripting/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 43312397 2.11.0 kotlin Kotlin Support Allows Kotlin to be used for ZAP scripting StackHawk Engineering 1.1.0 kotlin-alpha-1.1.0.zap alpha <h3>Changed</h3> <ul> <li>Use appropriate syntax style for highlighting of code.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/kotlin-v1.1.0/kotlin-alpha-1.1.0.zap SHA-256:85a47ea7199b77cfb09081302c277de2ba5e2102ef79907573ebcfa6425302e9 https://www.zaproxy.org/docs/desktop/addons/kotlin-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 48865539 2.11.0 neonmarker Neonmarker Colors history table items based on tags Juha Kivekäs, Kingthorin 1.5.0 neonmarker-alpha-1.5.0.zap alpha <h3>Added</h3> <ul> <li>A right-click context menu is now available in the History tab in order to Select/Set a color for arbitrary messages.</li> </ul> https://github.com/kingthorin/neonmarker/releases/download/v1.5.0/neonmarker-alpha-1.5.0.zap SHA-256:0b888612670e66712001d0bd3cb990d7b34f88b7b6339aed2734083b8a5fe5c5 https://www.zaproxy.org/docs/desktop/addons/neonmarker/ https://github.com/kingthorin/neonmarker 2022-07-11 35903 2.10.0 network Network Provides core networking capabilities. ZAP Dev Team 0.2.0 network-alpha-0.2.0.zap alpha <h3>Added</h3> <ul> <li>On weekly releases and versions after 2.11: <ul> <li>Management of local servers/proxies, supersedes core functionality;</li> <li>Configuration of aliases for the servers/proxies (<a href="https://github.com/zaproxy/zaproxy/issues/3594">Issue 3594</a>);</li> <li>Pass-through connections (<a href="https://github.com/zaproxy/zaproxy/issues/6832">Issue 6832</a>).</li> </ul> </li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/network-v0.2.0/network-alpha-0.2.0.zap SHA-256:9684a67a6bdf2d221f85fb86ff7cb3c1a4aefda4f7fda4a715f5dfa182fcbbd9 https://www.zaproxy.org/docs/desktop/addons/network/ https://github.com/zaproxy/zap-extensions/ 2022-04-06 17892519 2.11.1 oast OAST Support Allows you to exploit out-of-band vulnerabilities ZAP Dev Team 0.12.0 oast-beta-0.12.0.zap beta <h3>Fixed</h3> <ul> <li>Deregister the Interactsh service even in case of error (Issue 7504).</li> <li>Clear Interactsh payloads from the GUI when the service is deregistered.</li> <li>Error logged when interactsh server returns null data.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/oast-v0.12.0/oast-beta-0.12.0.zap SHA-256:734e816567d733d9ae87f03340ae8d4af99c96974addd92bcf5a76fa3cee6449 https://www.zaproxy.org/docs/desktop/addons/oast-support/ https://github.com/zaproxy/zap-extensions/ 2022-10-19 778402 2.11.1 network >= 0.1.0 onlineMenu Online menus ZAP Online menu items ZAP Dev Team 9 onlineMenu-release-9.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/onlineMenu-v9/onlineMenu-release-9.zap SHA-256:14d46e64178caf551462eb77478002ba08946ff639a1a52007527c41fd85bbee https://www.zaproxy.org/docs/desktop/addons/online-menu/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 208120 2.11.0 openapi OpenAPI Support Imports and spiders OpenAPI definitions. ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions 28 openapi-beta-28.zap beta <h3>Added</h3> <ul> <li>Imported specs are now persisted to the session database. They are used by the new variant to mark path parameters as Data Driven Nodes.</li> </ul> <h3>Fixed</h3> <ul> <li>JSON body examples specified under <code>schema</code> were being enclosed in quotes.</li> <li>Error message when <code>apiFile</code> field is not accessible was outputting the <code>targetUrl</code> and not the incorrect filename (Issue 7370).</li> </ul> <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Use Spider add-on (Issue 3113).</li> <li>Use Form Handler add-on directly.</li> <li>DDNs added as Structural Modifiers have been superseded by a custom variant. The variant supports nested DDNs and leaf DDNs, prevents non-parameter URL paths from being merged with DDNs, and treats paths with different HTTP methods uniquely. DDNs are named with the parameter name from the spec.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/openapi-v28/openapi-beta-28.zap SHA-256:d3fc4cddcc74b4a8b3e9e707dc36327058ad2bd5c7763dde572f3ca389579656 https://www.zaproxy.org/docs/desktop/addons/openapi-support/ https://github.com/zaproxy/zap-extensions/ 2022-09-21 12183573 2.11.1 commonlib >= 1.8.0 & < 2.0.0 packpentester Collection: Pentester Pack A collection of add-ons ideal for pentesters ZAP Dev Team 0.1.0 packpentester-alpha-0.1.0.zap alpha <h3>Fixed</h3> <ul> <li>Corrected fuzz add-on name</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/packpentester-v0.1.0/packpentester-alpha-0.1.0.zap SHA-256:0b8e7e4ddffdcacf46fdf9793bf84217738e281cbd5ccac732788c4b768d069c https://www.zaproxy.org/docs/desktop/addons/collection-pentester-pack/ https://github.com/zaproxy/zap-extensions/ 2022-05-12 6792 2.11.1 accessControl attacksurfacedetector custompayloads evalvillain fileupload fuzz fuzzdb jsonview jwt requester viewstate wappalyzer packscanrules Collection: Scan Rules Pack All of the add-ons just containing release, beta and alpha status scan rules ZAP Dev Team 0.0.1 packscanrules-alpha-0.0.1.zap alpha <p>First version.</p> https://github.com/zaproxy/zap-extensions/releases/download/packscanrules-v0.0.1/packscanrules-alpha-0.0.1.zap SHA-256:5ad68f153379bd96f36a7bead61e884cc42e1409cdd262dffc682b5f7bf92da4 https://www.zaproxy.org/docs/desktop/addons/collection-scan-rules-pack/ https://github.com/zaproxy/zap-extensions/ 2022-05-13 9244 2.11.1 ascanrules ascanrulesAlpha ascanrulesBeta domxss pscanrules pscanrulesAlpha pscanrulesBeta retire paramdigger Parameter Digger Identify hidden, unlinked parameters. Useful for finding web cache poisoning vulnerabilities. ZAP Dev Team and Arkaprabha Chakraborty 0.1.0 paramdigger-alpha-0.1.0.zap alpha <h3>Changed</h3> <ul> <li>Rename multiple options in GUI and documentation.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/paramdigger-v0.1.0/paramdigger-alpha-0.1.0.zap SHA-256:29ab753e092b42a546fb83fefcb8d952af745e6ba98d647099c7d0185af13eee https://www.zaproxy.org/docs/desktop/addons/parameter-digger/ https://github.com/zaproxy/zap-extensions/ 2022-08-22 522848 2.11.1 commonlib >= 1.9.0 & < 2.0.0 plugnhack Plug-n-Hack Configuration Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack. ZAP Dev Team 12 plugnhack-beta-12.zap beta <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Issue 2000 - Updated strings shown in context menu with title caps.</li> <li>Change info URL to link to the site.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/plugnhack-v12/plugnhack-beta-12.zap SHA-256:9a1cc0e664629e9f6aabdc1a2c13b800112bdc8b35b0cc4b375a011eb2430b49 https://www.zaproxy.org/docs/desktop/addons/plug-n-hack/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 729770 2.11.0 portscan Port Scanner Allows to port scan a target server ZAP Dev Team 9 portscan-beta-9.zap beta <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update default values in the options to match the ones in the default configuration file.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/portscan-v9/portscan-beta-9.zap SHA-256:be85aac379e3415ccd771b983ac52d208e5ddeb5b5e591fab047e97a895b2dfb https://www.zaproxy.org/docs/desktop/addons/port-scan/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 714392 2.11.0 pscanrules Passive scanner rules The release status Passive Scanner rules ZAP Dev Team 43 pscanrules-release-43.zap release <h3>Changed</h3> <ul> <li>Reduce Cache Control scan rule confidence to Low, and add new reference (Issue 6446).</li> <li>Added new Custom Payloads alert tag to the example alerts of the Username IDOR and Application Error scan rules.</li> <li>Maintenance changes.</li> <li>The Timestamp Disclosure scan rule is now scoped to a 10 year range with a cap at the Y2038 rollover point (Issue 6741).</li> <li>THe Content Security Policy Header Set scan rule will no longer alert if CSP is specified via META tag (Issue 7303).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrules-v43/pscanrules-release-43.zap SHA-256:12c6baf7099189985d9a79d57b293923e8f0ce8d1c215334086a68ed417e25e2 https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/ https://github.com/zaproxy/zap-extensions/ 2022-09-15 1247607 2.11.1 commonlib >= 1.10.0 & < 2.0.0 pscanrulesAlpha Passive scanner rules (alpha) The alpha status Passive Scanner rules ZAP Dev Team 36 pscanrulesAlpha-alpha-36.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> <li>Sub Resource Integrity Attribute Missing scan rule now supports Trusted Domains.</li> <li>The Base64 Disclosure scan rule will now ignore headers which are known to contain irrelevant Base64 like strings or are covered by other rules (ETag, Authorization, X-ChromeLogger-Data, X-ChromePhp-Data) (Issue 6619).</li> <li>Added new Custom Payloads alert tag to the example alerts of the Dangerous JS Function scan rule.</li> <li>Permissions Policy scan rule updated for consistency and documentation purposes (Issue 7458).</li> </ul> <h3>Fixed</h3> <ul> <li>False positive condition from Sub Resource Integrity Attribute Missing scan rule when rel=canonical is used (Issue 7040).</li> <li>Threading issue in Dangerous JS Functions rule - only reproducible with currently unreleased core changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesAlpha-v36/pscanrulesAlpha-alpha-36.zap SHA-256:aa3a153529f76fe4d0d95a2f251403dc50228292c6127876483500f55373fd8d https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-alpha/ https://github.com/zaproxy/zap-extensions/ 2022-09-16 667839 2.11.1 commonlib >= 1.10.0 & < 2.0.0 pscanrulesBeta Passive scanner rules (beta) The beta status Passive Scanner rules ZAP Dev Team 30 pscanrulesBeta-beta-30.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Reverse Tabnabbing scan rule now leverages the Common Library Trusted Domains implementation.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesBeta-v30/pscanrulesBeta-beta-30.zap SHA-256:27469df673d8072927ff89bbdf5d9ef9c59dd8070c6e2c996c42735fa7f2957d https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-beta/ https://github.com/zaproxy/zap-extensions/ 2022-09-15 976693 2.11.1 commonlib >= 1.10.0 & < 2.0.0 quickstart Quick Start Provides a tab which allows you to quickly test a target application ZAP Dev Team 34 quickstart-release-34.zap release <h3>Changed</h3> <ul> <li>Spider checkboxes in Automated Scan will be disabled when scan is running. (Issue 7072)</li> <li>Use Network add-on to obtain main proxy address/port.</li> <li>Maintenance changes.</li> <li>Use Spider add-on (Issue 3113).</li> </ul> <h3>Fixed</h3> <ul> <li>Accept any 2xx result code instead of just 200.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/quickstart-v34/quickstart-release-34.zap SHA-256:332374c4d6fe5b17cd4f894cbfd06a5e8073f817fb675efadb3db0b5cb9c4ab4 https://www.zaproxy.org/docs/desktop/addons/quick-start/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 632885 2.11.1 callhome >= 0.0.1 network >= 0.2.0 reports >= 0.4.0 reflect Reflect Finds reflected parameters Caleb Kinney 0.0.11 reflect-alpha-0.0.11.zap alpha https://github.com/zaproxy/zap-extensions/releases/download/2.7/reflect-alpha-0.0.11.zap SHA-256:c45307037042e4079546a5fcb17d1165475e5cdd5ba7e8abc0d2cf0a14866466 2021-02-19 1780219 2.9.0 regextester Regular Expression Tester Allows to test Regular Expressions ZAP Dev Team 2 regextester-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Close dialogues when the add-on is uninstalled.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/regextester-v2/regextester-alpha-2.zap SHA-256:b4706709c16a45e8bedc0bd6f28dd09532d5dbf3f1fe2c2853e20dbf6160a584 https://www.zaproxy.org/docs/desktop/addons/regular-expression-tester/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 159441 2.11.0 replacer Replacer Easy way to replace strings in requests and responses. ZAP Dev Team 10 replacer-release-10.zap release <h3>Fixed</h3> <ul> <li>Allow the replacement type to be changed in existing rules (Issue 3840).</li> </ul> <h3>Added</h3> <ul> <li>Allow to manage the replacer rules programmatically, for example, through ZAP scripts.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> <li>Promoted to Release status.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/replacer-v10/replacer-release-10.zap SHA-256:8a221acb5386079cf163a9d3eb8830bd67afab82e6a6a27f011e7f541ef002ab https://www.zaproxy.org/docs/desktop/addons/replacer/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 338300 2.11.1 reports Report Generation Official ZAP Reports. ZAP Dev Team 0.15.0 reports-release-0.15.0.zap release <h3>Fixed</h3> <ul> <li>API problems: <ul> <li>Mixed case sections could not be referenced</li> <li>Risk-confidence-html report failed if no context specified</li> <li>No theme is used if one was not specified, breaking theme links</li> </ul> </li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/reports-v0.15.0/reports-release-0.15.0.zap SHA-256:e58e24935936ab294b85dae508861c7a14df2a26f440e881602821ee4e25b37e https://www.zaproxy.org/docs/desktop/addons/report-generation/ https://github.com/zaproxy/zap-extensions/ 2022-07-20 66963031 2.11.1 requester Requester Request numbered panel. Surikato 6 requester-alpha-6.zap alpha <h3>Added</h3> <ul> <li>Support for renaming tabs.</li> <li>More help.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> <li>Moved Help button to the Response tab.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/requester-v6/requester-alpha-6.zap SHA-256:3d3e1aff47fc1446c6e25b8c718e276ee4bff9627e85743379a95e194140c77f https://www.zaproxy.org/docs/desktop/addons/requester/ https://github.com/zaproxy/zap-extensions/ 2022-05-10 165379 2.11.1 retest Retest An add-on to retest for presence/absence of previously generated alerts. ZAP Dev Team 0.3.0 retest-alpha-0.3.0.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Scan Rule ID values are no longer displayed with commas.</li> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>The Retest dialog now properly resets between ZAP sessions (Issue 7147).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/retest-v0.3.0/retest-alpha-0.3.0.zap SHA-256:89a53b8b620a0b5cd81c58596c207882a7813f4e013d15f37dab8c10cfdcd254 https://www.zaproxy.org/docs/desktop/addons/retest/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 258291 2.11.1 automation >=0.6.0 retire Retire.js Retire.js Nikita Mundhada and the ZAP Dev Team 0.15.0 retire-release-0.15.0.zap release <h3>Changed</h3> <ul> <li>Updated with upstream retire.js pattern changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/retire-v0.15.0/retire-release-0.15.0.zap SHA-256:b96b6f6c84223841160f5a3b5628fe97c28bdae7c9c81f8735c7ebb63a75370a https://www.zaproxy.org/docs/desktop/addons/retire.js/ https://github.com/zaproxy/zap-extensions/ 2022-09-22 1214200 2.11.1 commonlib >= 1.7.0 & < 2.0.0 reveal Reveal Show hidden fields and enable disabled fields ZAP Dev Team 4 reveal-release-4.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/reveal-v4/reveal-release-4.zap SHA-256:b8f1e971ae15df7aab3d896ad88a4f503971db24fcff86d92fb243c476fc4f01 https://www.zaproxy.org/docs/desktop/addons/reveal/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 237540 2.11.0 revisit Revisit Revisit a site at any time in the past using the session history ZAP Dev Team 4 revisit-alpha-4.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> <li>Maintenance changes.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/revisit-v4/revisit-alpha-4.zap SHA-256:445bb2a98e06d4ecc945c35c2777dae1b1e5b6ea20de78b920c8004bc3615195 https://www.zaproxy.org/docs/desktop/addons/revisit/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 299864 2.11.0 saml SAML Support Detect, Show, Edit, Fuzz SAML requests ZAP Dev Team 9 saml-alpha-9.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/saml-v9/saml-alpha-9.zap SHA-256:37c167b76115a7a0710b1e8940591797da170961ca69f517c66a25b16712cb1a https://www.zaproxy.org/docs/desktop/addons/saml-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1809830 2.11.0 saverawmessage Save Raw Message Allows to save content of HTTP messages as binary ZAP Dev Team 7 saverawmessage-release-7.zap release <h3>Retired</h3> <ul> <li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/saverawmessage-v7/saverawmessage-release-7.zap SHA-256:530e0c46d30c9aeb0a6b4cc4fbb3d3083db0337cbb88ac0db96271076b9ec48b https://www.zaproxy.org/docs/desktop/addons/save-raw-message/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 23464 2.11.1 exim savexmlmessage Save XML Message Allows to save content of HTTP messages as XML thatsn0tmysite 0.3.0 savexmlmessage-alpha-0.3.0.zap alpha <h3>Retired</h3> <ul> <li>This add-on has been retired, and its functionality has been replaced by the Import/Export Add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/savexmlmessage-v0.3.0/savexmlmessage-alpha-0.3.0.zap SHA-256:0a73d4d8f07a5e7c1e9140b22faa63fb3fbb51fb88d5e33ff297723564c0c79d https://www.zaproxy.org/docs/desktop/addons/save-xml-message/ https://github.com/zaproxy/zap-extensions/ 2021-12-22 6034 2.11.1 exim scripts Script Console Supports all JSR 223 scripting languages ZAP Dev Team 32 scripts-release-32.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>Don't print twice to std out when running without view and executing scripts (Issue 7455).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/scripts-v32/scripts-release-32.zap SHA-256:481741ae386135311f7cb89e9e82178bd7f224c8ff23fac7802d35b13408d5b7 https://www.zaproxy.org/docs/desktop/addons/script-console/ https://github.com/zaproxy/zap-extensions/ 2022-10-12 789639 2.11.1 selenium Selenium WebDriver provider and includes HtmlUnit browser ZAP Dev Team 15.10.0 selenium-release-15.10.0.zap release <h3>Added</h3> <ul> <li>Option to register and run 'browserHooks'.</li> </ul> <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/selenium-v15.10.0/selenium-release-15.10.0.zap SHA-256:a7ab7ab2122ea52408395243d23941e5aa5fa669742c58a2ead141a2888fd1c2 https://www.zaproxy.org/docs/desktop/addons/selenium/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 24912328 2.11.1 network >=0.2.0 sequence Sequence Gives the possibility of defining a sequence of requests to be scanned. ZAP Dev Team 6 sequence-alpha-6.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Issue 2000 - Updated strings shown in active scan dialog with title caps.</li> <li>Enable help button in Sequence tab of Active Scan dialog.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sequence-v6/sequence-alpha-6.zap SHA-256:2849204eab9ea1da50404ab9604e5ec69440c490453a24392c9a40bf95cdb164 https://www.zaproxy.org/docs/desktop/addons/sequence-scanner/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1556476 2.11.0 zest soap SOAP Support Imports and scans WSDL files containing SOAP endpoints. Alberto (albertov91) + ZAP Dev Team 14 soap-beta-14.zap beta <h3>Changed</h3> <ul> <li>Dependency updates.</li> <li>Maintenance changes.</li> <li>Use Spider add-on (Issue 3113).</li> <li>Use Form Handler add-on directly.</li> <li>Promoted to Beta status.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/soap-v14/soap-beta-14.zap SHA-256:5ed80d0abd009a0902f660417a761fb3d2585e26b2f092ebdc70d44c3993d0f5 https://www.zaproxy.org/docs/desktop/addons/soap-support/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 13988341 2.11.1 commonlib >= 1.5.0 & < 2.0.0 spiderAjax Ajax Spider Allows you to spider sites that make heavy use of JavaScript using Crawljax ZAP Dev Team 23.9.0 spiderAjax-release-23.9.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Added</h3> <ul> <li>Support for automation monitor tests.</li> <li>Added 'runOnlyIfModern' Automation Framework option.</li> </ul> <h3>Fixed</h3> <ul> <li>Automation Framework dialog - min numberOfBrowsers now 1.</li> <li>Automation Framework job - correctly pick up URL from context.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/spiderAjax-v23.9.0/spiderAjax-release-23.9.0.zap SHA-256:6e87e79a9be4ffd95b9ad48ff8f09720d9229bd2e3fcbed30d490ec1c44cda8f https://www.zaproxy.org/docs/desktop/addons/ajax-spider/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 5821779 2.11.1 network >=0.1.0 selenium 15.* sqliplugin Advanced SQLInjection Scanner An advanced active injection bundle for SQLi (derived by SQLMap) Andrea Pompili (Yhawke) 15 sqliplugin-beta-15.zap beta <h3>Fixed</h3> <ul> <li>Re-ordered variable initialization to prevent an NPE.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sqliplugin-v15/sqliplugin-beta-15.zap SHA-256:76e857bd2fea0b57b641862ea5bef46365ac1b03a19371c5e818a5401f7d9384 https://www.zaproxy.org/docs/desktop/addons/advanced-sqlinjection-scanner/ https://github.com/zaproxy/zap-extensions/ 2021-10-20 534349 2.11.0 commonlib >= 1.5.0 & < 2.0.0 sse Server-Sent Events Allows you to view Server-Sent Events (SSE) communication. ZAP Dev Team 11 sse-alpha-11.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.1.</li> </ul> <h3>Fixed</h3> <ul> <li>Properly close the server side connection when no longer in use (Issue 6424).</li> <li>Increase the size of the URL column (Issue 7354).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sse-v11/sse-alpha-11.zap SHA-256:c4126a431866de8271e314a9ca1343002a4a0db05f669870f84c015eb707e372 https://www.zaproxy.org/docs/desktop/addons/server-sent-events/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 340546 2.11.1 svndigger SVN Digger Files SVN Digger files which can be used with ZAP forced browsing ZAP Dev Team 4 svndigger-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Promote to release status.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/svndigger-v4/svndigger-release-4.zap SHA-256:5556efdf3fdb84ebd6cf3e76ca31e3fb6fb57c002cf14b2cf2f05f67bf2b622a https://www.zaproxy.org/docs/desktop/addons/svn-digger-files/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 713963 2.11.0 tips Tips and Tricks Display ZAP Tips and Tricks ZAP Dev Team 9 tips-beta-9.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/tips-v9/tips-beta-9.zap SHA-256:dd65cd0a0f1621bd759bd92fb0a4bdba67cdf498fdaea2c40a333035aec9df97 https://www.zaproxy.org/docs/desktop/addons/tips-and-tricks/ https://github.com/zaproxy/zap-extensions/ 2021-10-06 563979 2.11.0 tokengen Token Generation and Analysis Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection ZAP Dev Team 15 tokengen-beta-15.zap beta <h3>Changed</h3> <ul> <li>Now using 2.10 logging infrastructure (Log4j 2.x).</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/tokengen-v15/tokengen-beta-15.zap SHA-256:daef1d13d44a76b8735a30ed9e1e50fa87a85d02728bd7ae575197d173f942f9 https://www.zaproxy.org/docs/desktop/addons/token-generator/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 525206 2.11.0 treetools TreeTools Tools to add functionality to the tree view. Carl Sampson 8 treetools-beta-8.zap beta <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/treetools-v8/treetools-beta-8.zap SHA-256:b7f61f8939937ebc120bce8deb72713d7676087056e88801df2573112e7642e4 https://www.zaproxy.org/docs/desktop/addons/treetools/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 128931 2.11.0 viewstate ViewState ASP/JSF ViewState Decoder and Editor Calum Hutton 3 viewstate-alpha-3.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/viewstate-v3/viewstate-alpha-3.zap SHA-256:715caefd591415e79b32195361fea82aa8c6357b24e69530c22fde0a1b6dad17 https://www.zaproxy.org/docs/desktop/addons/viewstate/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 148716 2.11.0 wappalyzer Wappalyzer - Technology Detection Technology detection using Wappalyzer: wappalyzer.com ZAP Dev Team 21.13.0 wappalyzer-release-21.13.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Updated with upstream Wappalyzer icon and pattern changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/wappalyzer-v21.13.0/wappalyzer-release-21.13.0.zap SHA-256:23f068d60f1ff095f53bbc795f805f2fbbe576174c8189843b167b3d1e40a44d https://www.zaproxy.org/docs/desktop/addons/technology-detection/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 16419866 2.11.1 commonlib >= 1.7.0 & < 2.0.0 webdriverlinux Linux WebDrivers Linux WebDrivers for Firefox and Chrome. ZAP Dev Team 45 webdriverlinux-release-45.zap release <h3>Changed</h3> <ul> <li>Update geckodriver to 0.32.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdriverlinux-v45/webdriverlinux-release-45.zap SHA-256:9d551814be93cbce737a62c3c636df801dce6237daae82aaca079cca75e59abf https://www.zaproxy.org/docs/desktop/addons/linux-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2022-10-14 12870940 2.11.1 webdrivermacos MacOS WebDrivers MacOS WebDrivers for Firefox and Chrome. ZAP Dev Team 46 webdrivermacos-release-46.zap release <h3>Changed</h3> <ul> <li>Update geckodriver to 0.32.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdrivermacos-v46/webdrivermacos-release-46.zap SHA-256:4f929fe17ef932b1ee3b2477a34378d536c5b92a8a6404b4211abe932a202c7a https://www.zaproxy.org/docs/desktop/addons/macos-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2022-10-14 20546304 2.11.1 webdriverwindows Windows WebDrivers Windows WebDrivers for Firefox and Chrome. ZAP Dev Team 45 webdriverwindows-release-45.zap release <h3>Changed</h3> <ul> <li>Update geckodriver to 0.32.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdriverwindows-v45/webdriverwindows-release-45.zap SHA-256:4714cb7937b4e7479b3dcd08ddd06db792b45ecb0ef15c06a97f661fdd4a292a https://www.zaproxy.org/docs/desktop/addons/windows-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2022-10-14 10035120 2.11.1 websocket WebSockets Allows you to inspect WebSocket communication. ZAP Dev Team 26 websocket-release-26.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Cache WebSocket Passive Rules scripts for better performance with all script engines.</li> </ul> <h3>Fixed</h3> <ul> <li>Handle errors caused by WebSocket Passive Rules scripts, which would break the passive scan.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/websocket-v26/websocket-release-26.zap SHA-256:965a94bf9486b15eed5ad0dde9d681a2c121282bed73da62df2a6916acd0a1aa https://www.zaproxy.org/docs/desktop/addons/websockets/ https://github.com/zaproxy/zap-extensions/ 2022-05-20 1413083 2.11.1 zest Zest - Graphical Security Scripting Language A graphical security scripting language, ZAPs macro language on steroids ZAP Dev Team 36 zest-beta-36.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Use Network add-on to proxy client authentication requests.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/zest-v36/zest-beta-36.zap SHA-256:cbd3587709cdfeff9f85c619b88fa2af78ba7f0bb2b1aeb156598e6807d5b7bf https://www.zaproxy.org/docs/desktop/addons/zest/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 13581902 2.11.1 network >=0.2.0 scripts selenium 15.*