2.13.0 D-2021-10-18 https://github.com/zaproxy/zaproxy/releases/download/w2021-10-18/ZAP_WEEKLY_D-2021-10-18.zip ZAP_WEEKLY_D-2021-10-18.zip SHA-256:9d4bcb12e47293f3cbc4c32285b8469e620f092bb2519e65e12e5e528a25a8ad 188556676 https://github.com/zaproxy/zaproxy/releases/download/v2.13.0/ZAP_2_13_0_windows-x32.exe ZAP_2_13_0_windows-x32.exe SHA-256:1c7601b6253a47e6e4e93e0f4e64799b4f11381e73914ed74cb94da697688d82 203996672 https://github.com/zaproxy/zaproxy/releases/download/v2.13.0/ZAP_2_13_0_windows.exe ZAP_2_13_0_windows.exe SHA-256:5e1df341b91f65fe0768cb659af41e7671d475074ceab1b332b6520bcedf1dac 204125696 https://github.com/zaproxy/zaproxy/releases/download/v2.13.0/ZAP_2.13.0_Linux.tar.gz ZAP_2.13.0_Linux.tar.gz SHA-256:936eb52a0fd390c1ef890c455420d95ce20062fe136ec0927e023e2baf50f549 205883305 https://github.com/zaproxy/zaproxy/releases/download/v2.13.0/ZAP_2.13.0.dmg ZAP_2.13.0.dmg SHA-256:914ca4a6ce2ba6e44f9ad0a9720f5a1879a16e56a56ac63fd0a5d67d54df0148 234629799 Bug fix and enhancement release. https://www.zaproxy.org/docs/desktop/releases/2.13.0/ accessControl Access Control Testing Adds a set of tools for testing access control in web applications. ZAP Dev Team 9 accessControl-alpha-9.zap alpha <h3>Added</h3> <ul> <li>Add OWASP Top 10 tags to the alerts raised.</li> <li>The add-on now includes example alert functionality for documentation generation purposes (Issue 6119).</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Depend on Common Library add-on.</li> <li>Use vulnerability data directly from Common Library add-on.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/accessControl-v9/accessControl-alpha-9.zap SHA-256:a3a3f34f62a9f5061b7601d85c6b961deebe2f8deec4a6302d220aa5bf17fbd6 https://www.zaproxy.org/docs/desktop/addons/access-control-testing/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 595517 2.13.0 commonlib >= 1.17.0 & < 2.0.0 alertFilters Alert Filters Allows you to automate the changing of alert risk levels. ZAP Dev Team 17 alertFilters-release-17.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Allow to filter Directory Browsing (ID 0) alerts through the Automation Framework job, previously would report as a missing ID.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/alertFilters-v17/alertFilters-release-17.zap SHA-256:848e755eec9d4d7833ae3456bfe57e378abb729ef126883823aad224bd5ec7b7 https://www.zaproxy.org/docs/desktop/addons/alert-filters/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 552237 2.13.0 allinonenotes All In One Notes A simple extension to view all notes in one pane. David Vassallo 2 allinonenotes-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Update link to repository.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/allinonenotes-v2/allinonenotes-alpha-2.zap SHA-256:9e70d6e76b72692e9c0cb64002a692b710710e688ea2d8834818086300632d2a https://www.zaproxy.org/docs/desktop/addons/all-in-one-notes/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 249532 2.11.0 amf AMF Support Adds support for AMF messages ZAP Dev Team 3 amf-alpha-3.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/amf-v3/amf-alpha-3.zap SHA-256:01345ea00a6623d794753a3210f4e3e2b50a8c4ce2bfa6ea57324f0ff01ad7e3 https://www.zaproxy.org/docs/desktop/addons/amf-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 911943 2.11.0 ascanrules Active scanner rules The release status Active Scanner rules ZAP Dev Team 57 ascanrules-release-57.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Depend on newer version of Common Library add-on.</li> <li>Use vulnerability data directly from Common Library add-on.</li> </ul> <h3>Fixed</h3> <ul> <li>False positive where linear regression time-based tests returned true when there were not enough requests for a statistically meaningful measurement.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrules-v57/ascanrules-release-57.zap SHA-256:4607b061616e69e8445d8d7f0dc0dcea76da3d5fd759e0c0694512b9dcda841c https://www.zaproxy.org/docs/desktop/addons/active-scan-rules/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 3263327 2.13.0 commonlib >= 1.17.0 & < 2.0.0 network >= 0.3.0 oast >= 0.7.0 ascanrulesAlpha Active scanner rules (alpha) The alpha status Active Scanner rules ZAP Dev Team 44 ascanrulesAlpha-alpha-44.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Remove the dependency on OAST add-on, no longer required.</li> <li>Depend on newer version of Common Library add-on.</li> <li>Use vulnerability data directly from Common Library add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesAlpha-v44/ascanrulesAlpha-alpha-44.zap SHA-256:e4a9eb4f7148f32ca0671740a432fc1a3c6f043e1928f9daadef2a87b67cd4f4 https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-alpha/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 389877 2.13.0 commonlib >= 1.17.0 & < 2.0.0 ascanrulesBeta Active scanner rules (beta) The beta status Active Scanner rules ZAP Dev Team 48 ascanrulesBeta-beta-48.zap beta <h3>Added</h3> <ul> <li>The HTTP Only Site scan rule now includes example alert functionality for documentation generation purposes (Issue 6119).</li> </ul> <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Depend on newer version of Common Library add-on.</li> <li>Use vulnerability data directly from Common Library add-on.</li> </ul> <h3>Fixed</h3> <ul> <li>The Source Code Disclosure - File Inclusion alerts now consistently leverage the description and solution from the associated vulnerability details.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/ascanrulesBeta-v48/ascanrulesBeta-beta-48.zap SHA-256:7e2c15a577234a3cff5bb9caea44f1899cc0b5d3733130c588c206dec4367069 https://www.zaproxy.org/docs/desktop/addons/active-scan-rules-beta/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 1733028 2.13.0 commonlib >= 1.17.0 & < 2.0.0 database >= 0.1.0 network >= 0.3.0 oast >= 0.7.0 attacksurfacedetector Attack Surface Detector The Attack Surface Detector analyzes web application source code to generate endpoints that can be used for penetration testing. Secure Decisions (Matthew DeLetto) 1.1.4 attacksurfacedetector-alpha-1.1.4.zap alpha Various incremental changes (see https://github.com/secdec/attack-surface-detector-zap/releases)<br> Fix un-handled exception when target unavailable & address various "house keeping" tasks.<br> https://github.com/zaproxy/zap-extensions/releases/download/2.7/attacksurfacedetector-alpha-1.1.4.zap SHA1:e21758c2cdcbc7806f44cc986a88360457eff82e https://github.com/secdec/attack-surface-detector-zap/wiki https://github.com/secdec/attack-surface-detector-zap/ 2019-03-07 15604948 2.7.0 authhelper Authentication Helper Helps identify and set up authentication handling ZAP Dev Team 0.9.0 authhelper-beta-0.9.0.zap beta <h3>Added</h3> <ul> <li>Direct support for handling browser based authentication in the AJAX spider.</li> <li>Support for cookie based session management.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/authhelper-v0.9.0/authhelper-beta-0.9.0.zap SHA-256:bd1a3ec8cd6c3db489847fec40bab09f9887d89c56b9f93ec9b6f2f1c9fa3bdc https://www.zaproxy.org/docs/desktop/addons/authentication-helper/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 816203 2.13.0 commonlib >= 1.13.0 & < 2.0.0 network >=0.6.0 selenium 15.* authstats Authentication Statistics Records logged in/out statistics for all contexts in scope. ZAP Dev Team 2 authstats-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Dynamically unload the add-on.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/authstats-v2/authstats-alpha-2.zap SHA-256:cfb604c27f3a7a58e7b5aa55fe9f19a9ce5561fab3ef7d3f6c72845671fb5dcf https://www.zaproxy.org/docs/desktop/addons/authentication-statistics/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 247499 2.11.0 automation Automation Framework Automation Framework. ZAP Dev Team 0.32.0 automation-beta-0.32.0.zap beta <h3>Fixed</h3> <ul> <li>Correct output of array values set to the jobs.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/automation-v0.32.0/automation-beta-0.32.0.zap SHA-256:d103308ab54db7dad3ebc749de34e10ea16630fe63a590f35fa32afa0e7952d0 https://www.zaproxy.org/docs/desktop/addons/automation-framework/ https://github.com/zaproxy/zap-extensions/ 2023-10-04 1741300 2.13.0 commonlib >= 1.17.0 & < 2.0.0 beanshell BeanShell Console Provides a BeanShell Console ZAP Dev Team 7 beanshell-beta-7.zap beta <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> <li>Improve permissions and space handling when saving.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/beanshell-v7/beanshell-beta-7.zap SHA-256:0a83cb7d0369ccef50768ccbda1e6c6d82b9f4e3bd9372b38fd32cc21f6a30fb https://www.zaproxy.org/docs/desktop/addons/bean-shell/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 577838 2.11.0 browserView Browser View Adds an option to render HTML responses like a browser ZAP Dev Team 6 browserView-alpha-6.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.12.0.</li> <li>Maintenance changes.</li> <li>Make missing JavaFX logging less verbose in regular use.</li> <li>Update help with the requirements to use the add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/browserView-v6/browserView-alpha-6.zap SHA-256:e53cfde3a009a4be2e40c84ac02e05114505160bd2bab6cbb42416ab9a65b16c https://www.zaproxy.org/docs/desktop/addons/browser-view/ https://github.com/zaproxy/zap-extensions/ 2023-03-13 197667 2.12.0 bruteforce Forced Browse Forced browsing of files and directories using code from the OWASP DirBuster tool ZAP Dev Team 14 bruteforce-beta-14.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/bruteforce-v14/bruteforce-beta-14.zap SHA-256:f5104c6878e27681ccfe4f711be63a676993bffd55bbf4141a43ddda1816b3c9 https://www.zaproxy.org/docs/desktop/addons/forced-browse/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 552301 2.13.0 commonlib >= 1.13.0 & < 2.0.0 bugtracker Bug Tracker Bug Tracker extension. ZAP Dev Team 4 bugtracker-alpha-4.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Dependency updates.</li> <li>Maintenance changes.</li> <li>Updated to use PAT not password (https://github.blog/changelog/2021-08-12-git-password-authentication-is-shutting-down/).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/bugtracker-v4/bugtracker-alpha-4.zap SHA-256:37c57f8e7f4a1608500527ac1831f8b078427f804ea04ad5790a2970e3e1b722 https://www.zaproxy.org/docs/desktop/addons/bug-tracker/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 3707425 2.11.1 callgraph Call Graph Allows the user to view a call graph of the selected resources Colm O'Flaherty 5 callgraph-alpha-5.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/callgraph-v5/callgraph-alpha-5.zap SHA-256:0874ce5aad0c4bbf28f72627a4940759d328396e12b7d6a5596f2e41bf24dc4e https://www.zaproxy.org/docs/desktop/addons/call-graph/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 925930 2.11.0 callhome Call Home Handles all of the calls to ZAP services. ZAP Dev Team 0.7.0 callhome-release-0.7.0.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/callhome-v0.7.0/callhome-release-0.7.0.zap SHA-256:afb68bc751c0821c59a7315e2c50bc611854da62fc865488c6edfa527c513507 https://www.zaproxy.org/docs/desktop/addons/call-home/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 321705 2.13.0 client Client Side Integration Exposes client (browser) side information in ZAP using Firefox and Chrome extensions. ZAP Dev Team 0.2.0 client-alpha-0.2.0.zap alpha <h3>Changed</h3> <ul> <li>Updated the Chrome extension to v0.0.6.</li> <li>Disable client events automatically only for Zest recording.</li> <li>Create Firefox profile to enable the ZAP extension for all sites.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/client-v0.2.0/client-alpha-0.2.0.zap SHA-256:857c63d7daa4eeda6fb22cb8a9ed2850f37c5e382b0663f321e1153a0a9934d6 https://www.zaproxy.org/docs/desktop/addons/client-side-integration/ https://github.com/zaproxy/zap-extensions/ 2023-09-26 1299179 2.13.0 network >=0.8.0 selenium >=15.14.0 codedx Code Dx Extension Includes request and response data in XML reports and provides the ability to upload reports directly to a Code Dx server Code Dx, Inc. 9 codedx-alpha-9.zap alpha <h3>Added</h3> <ul> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> <li>Maintenance changes.</li> <li>Change to no longer rely on core report classes, which are going to be deleted.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/codedx-v9/codedx-alpha-9.zap SHA-256:767e0a098de281f0bc880b036a5192f26fe0bb014b81227b385a0b63ca570428 https://www.zaproxy.org/docs/desktop/addons/code-dx/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1769797 2.11.0 commonlib Common Library A common library, for use by other add-ons. ZAP Dev Team 1.17.0 commonlib-release-1.17.0.zap release <h3>Added</h3> <ul> <li>Provide Jackson datatype library for other add-ons (Issue 7961).</li> <li>Provide the Value Generator for other add-ons (Issue 8016).</li> <li>Provide vulnerability data, migrated from core (Issue 8012).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/commonlib-v1.17.0/commonlib-release-1.17.0.zap SHA-256:ec8d8fe063f6b22c3c74f2da24a69c054300eb5223ec542cb82ebd27d95b8572 https://www.zaproxy.org/docs/desktop/addons/common-library/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 10586986 2.13.0 communityScripts Community Scripts Useful ZAP scripts written by the ZAP community. ZAP Community 17 communityScripts-alpha-17.zap alpha <h3>Added</h3> <ul> <li>targeted/SQLMapCommandGenerator.js - it will generate and copy sqlmap command based on the request</li> <li>encode-decode/JwtDecode.js - Decodes JWTs</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.12.0: <ul> <li>Remove compatibility code that provided the singletons (<code>control</code> and <code>model</code>) in JavaScript scripts, they can now be accessed directly always.</li> <li>Use provided singletons (<code>control</code> and <code>model</code>) in Python scripts.</li> <li>Use non-deprecated <code>HttpSender</code> constructor.</li> <li>extender/Simple Reverse Proxy.js - replace usage of deprecated core classes.</li> </ul> </li> <li>Remove statements that return the message in HTTP Sender scripts, the message passed as parameter is used/sent always.</li> </ul> https://github.com/zaproxy/community-scripts/releases/download/v17/communityScripts-alpha-17.zap SHA-256:58110bdd68defdb3610886e37d4a4e46e99cbe60370d5299f5ee398762ef524d https://www.zaproxy.org/docs/desktop/addons/community-scripts/ https://github.com/zaproxy/community-scripts/ 2023-06-28 460543 2.12.0 coreLang Core Language Files Translations of the core language files ZAP Dev Team 15 coreLang-release-15.zap release <h3>Changed</h3> <ul> <li>Update the languages files from Crowdin.</li> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/coreLang-v15/coreLang-release-15.zap SHA-256:d8258b914ffc95820dd045acf56677668a8cbbfc759290f72e30210056dfb88c https://crowdin.com/project/zaproxy https://github.com/zaproxy/zap-extensions/ 2022-02-14 4616009 2.11.1 custompayloads Custom Payloads Ability to add, edit or remove payloads that are used i.e. by active scanners ZAP Dev Team 0.12.0 custompayloads-alpha-0.12.0.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.1.</li> <li>Add help content linking to the Scan Rules which support Custom Payloads.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/custompayloads-v0.12.0/custompayloads-alpha-0.12.0.zap SHA-256:8e31acafdc1e2246e25953d8ccb87efa189a3fdadc596331feabeccc99dece65 https://www.zaproxy.org/docs/desktop/addons/custom-payloads/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 236404 2.11.1 database Database Provides database engines and related infrastructure. ZAP Dev Team 0.2.0 database-alpha-0.2.0.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Dependency updates.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/database-v0.2.0/database-alpha-0.2.0.zap SHA-256:8605dc174b1a8ff4122c00d35cbcb5938ff3dfa33c33f6e4a254e0d0769610e8 https://www.zaproxy.org/docs/desktop/addons/database/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 20231708 2.13.0 dev Dev Add-on An add-on to help with development of ZAP. ZAP Dev Team 0.3.0 dev-alpha-0.3.0.zap alpha <h3>Added</h3> <ul> <li>Auth page where the return key does not submit the form</li> <li>Auth page which uses one request and one cookie</li> <li>Auth page which uses multiple requests and multiple cookies</li> <li>OpenAPI auth and unauth pages</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Added TestAuthDirectory abstract class to reduce duplicated code.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/dev-v0.3.0/dev-alpha-0.3.0.zap SHA-256:9dc700c105437cb10362f8a88e080b59fc830747e28a864f8c8bad8e3a19db01 https://www.zaproxy.org/docs/desktop/addons/dev-add-on/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 98137 2.13.0 network >=0.7.0 diff Diff Displays a dialog showing the differences between 2 requests or responses. It uses diffutils and diff_match_patch ZAP Dev Team 13 diff-beta-13.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/diff-v13/diff-beta-13.zap SHA-256:6c864b431e29ed04919fbf5152a034b8a8a447565f310d2b60d27a219b4e4d46 https://www.zaproxy.org/docs/desktop/addons/diff/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 283037 2.13.0 directorylistv1 Directory List v1.0 List of directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 6 directorylistv1-release-6.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv1-v6/directorylistv1-release-6.zap SHA-256:27dd2e5e1d626a9cbb0d47626d07f01e1ffd6528973ff7ee41dc857314844ae6 https://www.zaproxy.org/docs/desktop/addons/directory-list-v1.0/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 960760 2.13.0 directorylistv2_3 Directory List v2.3 Lists of directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 4 directorylistv2_3-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3-v4/directorylistv2_3-release-4.zap SHA-256:3a8b04b9363b57acd9cf8cd67abce4c630f986e2b492a1ebd01eaa9587a0a199 https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 8722229 2.11.0 directorylistv2_3_lc Directory List v2.3 LC Lists of lower case directory names to be used with Forced Browse or Fuzzer add-on. ZAP Dev Team 4 directorylistv2_3_lc-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/directorylistv2_3_lc-v4/directorylistv2_3_lc-release-4.zap SHA-256:2603580ba53673c31800ef7373e7cc09de759369b6f8fb43cc9e5024ad5d9af4 https://www.zaproxy.org/docs/desktop/addons/directory-list-v2.3-lc/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 7569974 2.11.0 domxss DOM XSS Active scanner rule DOM XSS Active scanner rule Aabha Biyani, ZAP Dev Team 17 domxss-release-17.zap release <h3>Changed</h3> <ul> <li>Depend on newer version of Common Library add-on.</li> <li>Use vulnerability data directly from Common Library add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/domxss-v17/domxss-release-17.zap SHA-256:a556bf8d72bc889d2f0718326baceec1b41ff89f3b1a804e42a478db461e0382 https://www.zaproxy.org/docs/desktop/addons/dom-xss-active-scan-rule/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 271370 2.13.0 commonlib >= 1.17.0 & < 2.0.0 network >=0.1.0 selenium >= 15.13.0 encoder Encoder Adds encode/decode/hash dialog and support for scripted processors as well ZAP Dev Team 1.3.0 encoder-release-1.3.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>Do not rely on the default charset in Full URL and ASCII Hex encoders/decoders.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/encoder-v1.3.0/encoder-release-1.3.0.zap SHA-256:09f0d774e9363078a9321bc081360fb179c014f2fd0e4499ab96318a90281cbb https://www.zaproxy.org/docs/desktop/addons/encode-decode-hash/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 469000 2.13.0 evalvillain Eval Villain Adds the Eval Villain extension to Firefox when launched from ZAP. Dennis Goodlett and the ZAP Dev Team 0.3.0 evalvillain-alpha-0.3.0.zap alpha <h3>Changed</h3> <ul> <li>Updated with new version of Eval Villain.</li> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/evalvillain-v0.3.0/evalvillain-alpha-0.3.0.zap SHA-256:ae7013ded7bd1e6b25ba8822c8fb5609ebef8818934bb8ac20b92067af76acb7 https://www.zaproxy.org/docs/desktop/addons/eval-villain/ https://github.com/zaproxy/zap-extensions/ 2023-09-26 4944088 2.13.0 selenium >=15.5.0 exim Import/Export Import and Export functionality ZAP Dev Team & thatsn0tmysite 0.6.0 exim-beta-0.6.0.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/exim-v0.6.0/exim-beta-0.6.0.zap SHA-256:55ca235b84d2fadf773c796612dd1011330d78282fbbe48612c1c438ced202e0 https://www.zaproxy.org/docs/desktop/addons/import-export/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 478261 2.13.0 commonlib >= 1.8.0 & < 2.0.0 fileupload FileUpload Detect File upload requests and scan them to find related vulnerabilities KSASAN preetkaran20@gmail.com 1.1.0 fileupload-alpha-1.1.0.zap alpha https://github.com/zaproxy/zap-extensions/releases/download/2.7/fileupload-alpha-1.1.0.zap SHA-256:47f2d93c6a53c55983056af282ebef09e80d27c0980517a73347778ad9e47932 https://www.zaproxy.org/blog/2021-08-20-zap-fileupload-addon/ https://github.com/SasanLabs/owasp-zap-fileupload-addon/ 2021-09-17 77520 2.11.0 formhandler Value Generator This Value Generator Add-on allows a user to define field names and values to be used when submitting values to an app. Fields can be added, modified, enabled/disabled, and deleted. ZAP Dev Team 6.4.0 formhandler-beta-6.4.0.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/formhandler-v6.4.0/formhandler-beta-6.4.0.zap SHA-256:71baa94e5a2729d3dced75114c685e41e03c47bd7315c336181b4fcf9d97f543 https://www.zaproxy.org/docs/desktop/addons/value-generator/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 2126133 2.13.0 fuzz Fuzzer Advanced fuzzer for manual testing ZAP Dev Team 13.11.0 fuzz-beta-13.11.0.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> </ul> <h3>Fixed</h3> <ul> <li>Show actual contents of the message after edits (Issue 7947).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/fuzz-v13.11.0/fuzz-beta-13.11.0.zap SHA-256:28f6cc9249fa72888e50fdcd8d029daaece9224277f4f2ad8c868baac3ec516b https://www.zaproxy.org/docs/desktop/addons/fuzzer/ https://github.com/zaproxy/zap-extensions/ 2023-10-04 1999872 2.13.0 commonlib >= 1.13.0 & < 2.0.0 fuzzdb FuzzDB Files FuzzDB files which can be used with the ZAP fuzzer ZAP Dev Team 9 fuzzdb-release-9.zap release <h3>Changed</h3> <ul> <li>Updated RAFT lists based on more recent SecLists contributions</li> <li>Update minimum ZAP version to 2.11.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/fuzzdb-v9/fuzzdb-release-9.zap SHA-256:c79537362cd6b383f447359685e3bd51795600b97ca0c1fadc4ba74828a7d4f4 https://www.zaproxy.org/docs/desktop/addons/fuzzdb-files/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 6167205 2.11.1 fuzzdboffensive FuzzDB Offensive FuzzDB web backdoors and attack files which can be used with the ZAP fuzzer or for manual penetration testing ZAP Dev Team 4 fuzzdboffensive-release-4.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.10.0.</li> </ul> https://github.com/zaproxy/fuzzdb-offensive/releases/download/v4/fuzzdboffensive-release-4.zap SHA-256:06bf75d2745c8f6e9a861597a31bab2d3f96058a3c497539a3ba234c687e796a https://www.zaproxy.org/docs/desktop/addons/fuzzdb-offensive/ https://github.com/zaproxy/fuzzdb-offensive/ 2021-06-11 414373 2.10.0 gettingStarted Getting Started with ZAP Guide A short Getting Started with ZAP Guide ZAP Dev Team 15 gettingStarted-release-15.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.13.0.</li> <li>Update OWASP description in Getting Started Guide.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix typo in Getting Started Guide.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/gettingStarted-v15/gettingStarted-release-15.zap SHA-256:baf54589cfce5d5b86ab44f3eeddf16a2a0fae6d6c3184a194950abf540307bf https://www.zaproxy.org/docs/desktop/addons/getting-started-guide/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 789404 2.13.0 graaljs GraalVM JavaScript Provides the GraalVM JavaScript engine for ZAP scripting. ZAP Dev Team 0.4.0 graaljs-alpha-0.4.0.zap alpha <h3>Added</h3> <ul> <li>Add info URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Replace usage of singletons with injected variables (e.g. <code>model</code>, <code>control</code>) in scripts.</li> </ul> <h3>Fixed</h3> <ul> <li>Updated encode-decode script templates to conform to the latest method signatures.</li> <li>Update the content-length header field after setting the request body in the authentication templates.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/graaljs-v0.4.0/graaljs-alpha-0.4.0.zap SHA-256:2d6df072488cc85cafdf0e6dbe503e981ca3086ee25e63eb14af3c3a8e050084 https://www.zaproxy.org/docs/desktop/addons/graalvm-javascript/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 20441382 2.13.0 graphql GraphQL Support Inspect and attack GraphQL endpoints. ZAP Dev Team 0.19.0 graphql-alpha-0.19.0.zap alpha <h3>Added</h3> <ul> <li>The add-on now includes example alert functionality for documentation generation purposes (Issue 6119).</li> </ul> <h3>Changed</h3> <ul> <li>Dependency updates.</li> <li>Maintenance changes.</li> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> <li>Use Common Library add-on to obtain the Value Generator (Issue 8016).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/graphql-v0.19.0/graphql-alpha-0.19.0.zap SHA-256:a697070d6edaaea3c3f257697d7262b5b7609d5a02888f59e3f9003854c303f9 https://www.zaproxy.org/docs/desktop/addons/graphql-support/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 5370866 2.13.0 commonlib >= 1.17.0 & < 2.0.0 groovy Groovy Support Adds Groovy support to ZAP ZAP Dev Team 3.1.0 groovy-beta-3.1.0.zap beta <h3>Added</h3> <ul> <li>encode-decode default template.</li> </ul> <h3>Changed</h3> <ul> <li>Update links to zaproxy and zap-extensions repos.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/groovy-v3.1.0/groovy-beta-3.1.0.zap SHA-256:ee208309c6b9619f6527a05f48949e38e1476f2b3fa7c6e32fbd1111f4bdac58 https://www.zaproxy.org/docs/desktop/addons/groovy-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 19006812 2.11.0 help Help - English English version of the ZAP help file. ZAP Crowdin Team 16 help-release-16.zap release <h3>Added</h3> <ul> <li>Desktop HTML Injection Fix section.</li> <li>Help details warning against specifying default ports (80/443) (Issue 7649).</li> </ul> <h3>Changed</h3> <ul> <li>Updated for 2.13.0.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help-v16/help-release-16.zap SHA-256:46d549b0f68d707bdb11f0129fe37858c2384487465e4e1748e0558d1dae0b71 https://www.zaproxy.org/docs/desktop/ https://github.com/zaproxy/zap-core-help/ 2023-07-11 619277 2.13.0 help_ar_SA Help - Arabic Arabic version of the ZAP help file. ZAP Crowdin Team 1 help_ar_SA-alpha-1.zap alpha <ul> <li>First version.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ar_SA-v1/help_ar_SA-alpha-1.zap SHA-256:8208b0c788d5e29a2bb34f3c44c07db613faefb17d8d9cfb60adc02629c2b3f1 https://github.com/zaproxy/zap-core-help/ 2022-01-18 649333 2.11.0 help_bs_BA Help - Bosnian Bosnian version of the ZAP help file. ZAP Crowdin Team 9 help_bs_BA-alpha-9.zap alpha Updated with the latest files from crowdin https://github.com/zaproxy/zap-extensions/releases/download/2.7/help_bs_BA-alpha-9.zap SHA1:d33a3277e877da4734e6bf9c911c61c4e6ce2f3f 2018-02-08 747536 2.7.0 help_es_ES Help - Spanish Spanish version of the ZAP help file. ZAP Crowdin Team 10 help_es_ES-release-10.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_es_ES-v10/help_es_ES-release-10.zap SHA-256:63cc24e180374cf038d6aefe31b3f62e170437958ad61d2d3e65d2722fbedc1a https://github.com/zaproxy/zap-core-help/ 2022-01-18 697066 2.11.0 help_fil_PH Help - Filipino Filipino version of the ZAP help file. ZAP Crowdin Team 3 help_fil_PH-alpha-3.zap alpha <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_fil_PH-v3/help_fil_PH-alpha-3.zap SHA-256:64bbeb0f9404b70c0d49e9fd5da789b8d3902a20f518c7305eb412242831a180 https://github.com/zaproxy/zap-core-help/ 2022-01-18 710027 2.11.0 help_fr_FR Help - French French version of the ZAP help file. ZAP Crowdin Team 10 help_fr_FR-alpha-10.zap alpha <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_fr_FR-v10/help_fr_FR-alpha-10.zap SHA-256:f1ede9441e5de48170fdef598eb543ef6ad0813eed2e838d2c4803ea114fcb1a https://github.com/zaproxy/zap-core-help/ 2022-01-18 646717 2.11.0 help_id_ID Help - Indonesian Indonesian version of the ZAP help file. ZAP Crowdin Team 3 help_id_ID-beta-3.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_id_ID-v3/help_id_ID-beta-3.zap SHA-256:ef50363872d783c3c49417bc821b28256cf35d8390004c48f6d4e030ceb8a7c5 https://github.com/zaproxy/zap-core-help/ 2022-01-18 671009 2.11.0 help_ja_JP Help - Japanese Japanese version of the ZAP help file. ZAP Crowdin Team 10 help_ja_JP-beta-10.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ja_JP-v10/help_ja_JP-beta-10.zap SHA-256:11d310352e8719fe50587c5b97dd5eeb3a2e2ab23e450a7c1d0fad013d003536 https://github.com/zaproxy/zap-core-help/ 2022-01-18 661964 2.11.0 help_ms_MY Help - Malay Malay version of the ZAP help file. ZAP Crowdin Team 1 help_ms_MY-alpha-1.zap alpha <ul> <li>First version.</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ms_MY-v1/help_ms_MY-alpha-1.zap SHA-256:6407990b8ebaa2e401c3addc47081c742ab7fce25cec107ef49b4e627ad3ceae https://github.com/zaproxy/zap-core-help/ 2022-01-18 636908 2.11.0 help_pt_BR Help - Portuguese, Brazilian Portuguese, Brazilian version of the ZAP help file. ZAP Crowdin Team 11 help_pt_BR-release-11.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_pt_BR-v11/help_pt_BR-release-11.zap SHA-256:3fdf92763c1c851848df6b3588c97bbeb22837002351fd00c8208d8ab01ff710 https://github.com/zaproxy/zap-core-help/ 2022-01-18 682092 2.11.0 help_ru_RU Help - Russian Russian version of the ZAP help file. ZAP Crowdin Team 2 help_ru_RU-release-2.zap release <h3>Changed</h3> <ul> <li>Promote to Release</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_ru_RU-v2/help_ru_RU-release-2.zap SHA-256:3fd5d8e6af7453a3a16e7c38a19ec941a330d0fd050f562ecebdc4638ae52c80 https://github.com/zaproxy/zap-core-help/ 2022-02-24 779171 2.11.0 help_tr_TR Help - Turkish Turkish version of the ZAP help file. ZAP Crowdin Team 2 help_tr_TR-release-2.zap release <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_tr_TR-v2/help_tr_TR-release-2.zap SHA-256:a92b43beab5e196341d8ddf40d594f1596c225c74f0f5b9280e223acc9a8535c https://github.com/zaproxy/zap-core-help/ 2022-01-18 710766 2.11.0 help_zh_CN Help - Chinese Simplified Chinese Simplified version of the ZAP help file. ZAP Crowdin Team 3 help_zh_CN-beta-3.zap beta <h3>Changed</h3> <ul> <li>Updated with the latest files from crowdin</li> </ul> https://github.com/zaproxy/zap-core-help/releases/download/help_zh_CN-v3/help_zh_CN-beta-3.zap SHA-256:959b718a307ca32c7807c0d327533765eeb6a0a799b9bc98a2a1e22b3b47bc5a https://github.com/zaproxy/zap-core-help/ 2022-01-18 656718 2.11.0 highlighter Highlighter Allows you to highlight strings in the request and response tabs. ZAP Dev Team 8 highlighter-alpha-8.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/highlighter-v8/highlighter-alpha-8.zap SHA-256:4c4852bb2f42eb20dbe19a091e9025667947c73967a65770658333bedd01fccf https://www.zaproxy.org/docs/desktop/addons/highlighter/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 115527 2.11.0 hud HUD - Heads Up Display Display information from ZAP in browser. ZAP Dev Team 0.17.0 hud-beta-0.17.0.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-hud/releases/download/v0.17.0/hud-beta-0.17.0.zap SHA-256:70cfb654ebb9beffcd2a1749c935eda2ff33e6e721b7e1a94b0a480b01183020 https://www.zaproxy.org/docs/desktop/addons/hud/ https://github.com/zaproxy/zap-hud/ 2023-07-11 1369388 2.13.0 network >= 0.1.0 websocket imagelocationscanner Image Location and Privacy Scanner Image Location and Privacy Passive Scanner Jay Ball (veggiespam) and the ZAP Dev Team 4 imagelocationscanner-beta-4.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.1.</li> <li>Maintenance changes.</li> </ul> <h3>Added</h3> <ul> <li>OWASP Web Security Testing Guide v4.2 mappings.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/imagelocationscanner-v4/imagelocationscanner-beta-4.zap SHA-256:6d168e4d156335a0544619011b742e47e6dc1d492a2d63a0e8f787b28796b2c9 https://www.zaproxy.org/docs/desktop/addons/image-location-and-privacy-scanner/ https://github.com/zaproxy/zap-extensions/ 2022-09-23 1138093 2.11.1 commonlib >= 1.6.0 & < 2.0.0 invoke Invoke Applications Invoke external applications passing context related information such as URLs and parameters ZAP Dev Team 13 invoke-beta-13.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/invoke-v13/invoke-beta-13.zap SHA-256:76fabf09a9bbd6175e283849e04be7b88b122a0a0023c67c7dc01c6a464a3d21 https://www.zaproxy.org/docs/desktop/addons/invoke-applications/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 323777 2.13.0 jruby Ruby Scripting Allows Ruby to be used for ZAP scripting - templates included ZAP Dev Team 8 jruby-beta-8.zap beta <h3>Changed</h3> <ul> <li>Update links to zaproxy repo.</li> <li>Rename reliability to confidence in active/passive templates.</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jruby-v8/jruby-beta-8.zap SHA-256:f5bb450a165f6c407b8d24f7b2776bdc7a2edb0b4b42aea385f8a6ad1ae605ca https://www.zaproxy.org/docs/desktop/addons/ruby-scripting/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 21968128 2.11.0 jsonview JSON View Adds a view that shows JSON messages nicely formatted Juha Kivekäs 3 jsonview-alpha-3.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.13.0.</li> <li>Depend on Common Library add-on to reuse libraries (Issue 7961).</li> </ul> <h3>Fixed</h3> <ul> <li>Use other library to format the JSON bodies (Issue 7798).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jsonview-v3/jsonview-alpha-3.zap SHA-256:ddafbbced033cc937ef37182e3650119dee3c7e5f1ac4ded73ea42125467184d https://www.zaproxy.org/docs/desktop/addons/json-view/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 120558 2.13.0 commonlib >= 1.16.0 & < 2.0.0 jwt JWT Support Detect JWT requests and scan them to find related vulnerabilities KSASAN preetkaran20@gmail.com 1.0.3 jwt-alpha-1.0.3.zap alpha <ul> <li>First version of JWT Support. <ul> <li>Contains scanning rules for basic JWT related vulnerabilities.</li> <li>Contains JWT Fuzzer for fuzzing the JWT's present in the request.</li> </ul> </li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/2.7/jwt-alpha-1.0.3.zap SHA-256:d3df8480010ad2df230cbdb99619aafdb869861349455c3da0129a99b132d204 https://github.com/SasanLabs/owasp-zap-jwt-addon/ 2023-01-02 751748 2.11.1 commonlib fuzz 13.* jython Python Scripting Allows Python to be used for ZAP scripting - templates included ZAP Dev Team 13 jython-beta-13.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Replace usage of singletons with injected variables (e.g. <code>model</code>, <code>control</code>) in scripts.</li> </ul> <h3>Fixed</h3> <ul> <li>Updated encode-decode script templates to conform to the latest method signatures.</li> <li>Update the content-length header field after setting the request body in the authentication template.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/jython-v13/jython-beta-13.zap SHA-256:9ff83016415835e6271a5913057b995c6b784c0c19d328e772f0dc297452103a https://www.zaproxy.org/docs/desktop/addons/python-scripting/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 43313819 2.13.0 kotlin Kotlin Support Allows Kotlin to be used for ZAP scripting StackHawk Engineering 1.1.0 kotlin-alpha-1.1.0.zap alpha <h3>Changed</h3> <ul> <li>Use appropriate syntax style for highlighting of code.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/kotlin-v1.1.0/kotlin-alpha-1.1.0.zap SHA-256:85a47ea7199b77cfb09081302c277de2ba5e2102ef79907573ebcfa6425302e9 https://www.zaproxy.org/docs/desktop/addons/kotlin-support/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 48865539 2.11.0 levoai Levo.ai Build OpenAPI Specs with ZAP traffic using Levo.ai. Levo.ai 0.2.0 levoai-zap-addon-alpha-0.2.0.zap alpha <h3>Added</h3> <ul> <li>Validate the Satellite URL structure when it is modified.</li> </ul> <h3>Fixed</h3> <ul> <li>URLs with '/' as the path were not being handled correctly.</li> </ul> https://github.com/levoai/levoai-zap-addon/releases/download/v0.2.0/levoai-zap-addon-alpha-0.2.0.zap SHA-256:28777022d50fa8ff29ef21ab94d01786d4936dcf6ddc9303e64f52983203311d https://docs.levo.ai/api-observability/quickstart/quickstart-zap-addon https://github.com/levoai/levoai-zap-addon 2022-12-26 2459871 2.12.0 neonmarker Neonmarker Colors history table items based on tags Juha Kivekäs, Kingthorin 1.6.0 neonmarker-alpha-1.6.0.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>The script example in the Help content was updated to use the injected core variables instead of using the fully qualified class name.</li> </ul> <h3>Fixed</h3> <ul> <li>An NPE which could happen when removing an entry that didn't yet have a tag assigned.</li> </ul> https://github.com/kingthorin/neonmarker/releases/download/v1.6.0/neonmarker-alpha-1.6.0.zap SHA-256:b6b1eef2673821189dee4877fe07cd78b64af662e3c6bff6e32c4f868b290ad3 https://www.zaproxy.org/docs/desktop/addons/neonmarker/ https://github.com/kingthorin/neonmarker 2023-08-17 35557 2.10.0 network Network Provides core networking capabilities. ZAP Dev Team 0.11.2 network-beta-0.11.2.zap beta <h3>Fixed</h3> <ul> <li>Ensure the main proxy with custom port (<code>-port</code>) is stopped when initialising after installation in <code>cmd</code> and <code>daemon</code> modes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/network-v0.11.2/network-beta-0.11.2.zap SHA-256:f43ca365fb23b330fa48c7960e90404aed99c7613e2eb5b9597b52c416217bc6 https://www.zaproxy.org/docs/desktop/addons/network/ https://github.com/zaproxy/zap-extensions/ 2023-09-27 24779843 2.13.0 oast OAST Support Allows you to exploit out-of-band vulnerabilities ZAP Dev Team 0.16.0 oast-beta-0.16.0.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Replace usage of singletons with injected variables (e.g. <code>model</code>, <code>control</code>) in scripts.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/oast-v0.16.0/oast-beta-0.16.0.zap SHA-256:3a5b01896924ef933944cc6049e283d8c1b4c57ca7b3d84270fcaee5b669e4b2 https://www.zaproxy.org/docs/desktop/addons/oast-support/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 812399 2.13.0 database >= 0.1.0 network >= 0.1.0 onlineMenu Online menus ZAP Online menu items ZAP Dev Team 11 onlineMenu-release-11.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/onlineMenu-v11/onlineMenu-release-11.zap SHA-256:bdad8dc5dce74ac3c02feb759560ee26b673d78d9d25580245ca7b8b3b0226c0 https://www.zaproxy.org/docs/desktop/addons/online-menu/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 209046 2.13.0 openapi OpenAPI Support Imports and spiders OpenAPI definitions. ZAP Dev Team plus Joanna Bona, Nathalie Bouchahine, Artur Grzesica, Mohammad Kamar, Markus Kiss, Michal Materniak, Marcin Spiewak, and SDA SE Open Industry Solutions 36 openapi-beta-36.zap beta <h3>Changed</h3> <ul> <li>Dependency updates.</li> <li>The &quot;Import an OpenAPI definition from the local file system&quot; and &quot;Import an OpenAPI definition from a URL&quot; menu items were merged into one, &quot;Import an OpenAPI Definition&quot;.</li> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> <li>Use Common Library add-on to obtain the Value Generator (Issue 8016).</li> </ul> <h3>Fixed</h3> <ul> <li>Importing empty or invalid OpenAPI definitions failed silently in some cases (Issue 7949).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/openapi-v36/openapi-beta-36.zap SHA-256:79c06cada581b3d60c7fbabc9f9cec6c6cac34c0b53bf9051b87b10d50b40ead https://www.zaproxy.org/docs/desktop/addons/openapi-support/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 13133444 2.13.0 commonlib >= 1.17.0 & < 2.0.0 packpentester Collection: Pentester Pack A collection of add-ons ideal for pentesters ZAP Dev Team 0.1.0 packpentester-alpha-0.1.0.zap alpha <h3>Fixed</h3> <ul> <li>Corrected fuzz add-on name</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/packpentester-v0.1.0/packpentester-alpha-0.1.0.zap SHA-256:0b8e7e4ddffdcacf46fdf9793bf84217738e281cbd5ccac732788c4b768d069c https://www.zaproxy.org/docs/desktop/addons/collection-pentester-pack/ https://github.com/zaproxy/zap-extensions/ 2022-05-12 6792 2.11.1 accessControl attacksurfacedetector custompayloads evalvillain fileupload fuzz fuzzdb jsonview jwt requester viewstate wappalyzer packscanrules Collection: Scan Rules Pack All of the add-ons just containing release, beta and alpha status scan rules ZAP Dev Team 0.0.1 packscanrules-alpha-0.0.1.zap alpha <p>First version.</p> https://github.com/zaproxy/zap-extensions/releases/download/packscanrules-v0.0.1/packscanrules-alpha-0.0.1.zap SHA-256:5ad68f153379bd96f36a7bead61e884cc42e1409cdd262dffc682b5f7bf92da4 https://www.zaproxy.org/docs/desktop/addons/collection-scan-rules-pack/ https://github.com/zaproxy/zap-extensions/ 2022-05-13 9244 2.11.1 ascanrules ascanrulesAlpha ascanrulesBeta domxss pscanrules pscanrulesAlpha pscanrulesBeta retire paramdigger Parameter Digger Identify hidden, unlinked parameters. Useful for finding web cache poisoning vulnerabilities. ZAP Dev Team and Arkaprabha Chakraborty 0.2.0 paramdigger-alpha-0.2.0.zap alpha <h3>Fixed</h3> <ul> <li>NullPointerException which could occur with header guesser.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.12.0.</li> <li>Maintenance changes.</li> <li>Default number of threads to 2 * processor count.</li> <li>Change panel designs to allow message selection.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/paramdigger-v0.2.0/paramdigger-alpha-0.2.0.zap SHA-256:a6741d85e9d9b9a01107e176f8530c3386fc4671fde4c0a38b94cd6d953a35d6 https://www.zaproxy.org/docs/desktop/addons/parameter-digger/ https://github.com/zaproxy/zap-extensions/ 2023-06-06 553729 2.12.0 commonlib >= 1.13.0 & < 2.0.0 plugnhack Plug-n-Hack Configuration Supports the Mozilla Plug-n-Hack standard: https://developer.mozilla.org/en-US/docs/Plug-n-Hack. ZAP Dev Team 13 plugnhack-beta-13.zap beta <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.12.0.</li> <li>Use Network add-on to obtain main proxy address/port.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/plugnhack-v13/plugnhack-beta-13.zap SHA-256:8d74b572bb7e08d09ebcfd10da9f2f65f7970f9452feadb8bbe69c8037b80ee2 https://www.zaproxy.org/docs/desktop/addons/plug-n-hack/ https://github.com/zaproxy/zap-extensions/ 2022-10-27 736005 2.12.0 network >= 0.2.0 portscan Port Scanner Allows to port scan a target server ZAP Dev Team 10 portscan-beta-10.zap beta <h3>Changed</h3> <ul> <li>Use the Network add-on to obtain the outgoing proxy.</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.12.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/portscan-v10/portscan-beta-10.zap SHA-256:6cf0432e1c329499649b219d2f00e7ec7bc2079d7160396fecb9a8ad3446b963 https://www.zaproxy.org/docs/desktop/addons/port-scan/ https://github.com/zaproxy/zap-extensions/ 2022-10-27 724563 2.12.0 network >=0.3.0 postman Postman Support Imports and spiders Postman collections. ZAP Dev Team 0.1.0 postman-alpha-0.1.0.zap alpha <h3>Added</h3> <ul> <li>Support collection JSON variables.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/postman-v0.1.0/postman-alpha-0.1.0.zap SHA-256:c8196ff878a86d70026cf77a177fafc0976f903db9a570369220bd48e70dac25 https://www.zaproxy.org/docs/desktop/addons/postman-support/ https://github.com/zaproxy/zap-extensions/ 2023-10-04 235055 2.13.0 commonlib >= 1.16.0 & < 2.0.0 pscanrules Passive scanner rules The release status Passive Scanner rules ZAP Dev Team 51 pscanrules-release-51.zap release <h3>Added</h3> <ul> <li>The following now include example alert functionality for documentation generation purposes (Issue 6119): <ul> <li>Loosely Scoped Cookie scan rule.</li> </ul> </li> </ul> <h3>Changed</h3> <ul> <li>Dependency updates.</li> <li>Maintenance changes.</li> <li>The alerts of the Hash Disclosure scan rule no longer have the evidence duplicated in the Other Info field.</li> <li>Depend on newer version of Common Library add-on.</li> <li>Use vulnerability data directly from Common Library add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrules-v51/pscanrules-release-51.zap SHA-256:60f55d4eb43f0a4180ad30cea08f15ea775fe76d3d0ceeba46d43e8c77c27d0e https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 1854322 2.13.0 commonlib >= 1.17.0 & < 2.0.0 pscanrulesAlpha Passive scanner rules (alpha) The alpha status Passive Scanner rules ZAP Dev Team 41 pscanrulesAlpha-alpha-41.zap alpha <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Use HTTPS and resolve redirections in the alert references.</li> <li>The alerts ASP.NET ViewState Disclosure and ASP.NET ViewState Integrity no longer have the evidence duplicated in the Other Info field.</li> <li>Depend on newer version of Common Library add-on.</li> <li>Use vulnerability data directly from Common Library add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesAlpha-v41/pscanrulesAlpha-alpha-41.zap SHA-256:9954ac2e22cfb694de8e7b5b9cc664d04c8be5c7537e6b78f96cbdf643152e56 https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-alpha/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 422582 2.13.0 commonlib >= 1.17.0 & < 2.0.0 pscanrulesBeta Passive scanner rules (beta) The beta status Passive Scanner rules ZAP Dev Team 35 pscanrulesBeta-beta-35.zap beta <h3>Changed</h3> <ul> <li>Use HTTPS and resolve redirections in the alert references.</li> <li>The alerts of the Source Code Disclosure scan rule no longer have the evidence duplicated in the Other Info field.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/pscanrulesBeta-v35/pscanrulesBeta-beta-35.zap SHA-256:a601066cc33aec17eb4552fb5d6bbee815e4bc65f7c2b36734b6748a010a57e1 https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-beta/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 671228 2.13.0 commonlib >= 1.10.0 & < 2.0.0 quickstart Quick Start Provides a tab which allows you to quickly test a target application ZAP Dev Team 42 quickstart-release-42.zap release <h3>Changed</h3> <ul> <li>ZAPit: carry on even if non success code returned.</li> <li>ZAPit: scan HTTP and HTTPS if protocol not specified.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/quickstart-v42/quickstart-release-42.zap SHA-256:a6acd0154989b125332f95da4160d71ff52aa965f161a59b9ece05f2c9c3527f https://www.zaproxy.org/docs/desktop/addons/quick-start/ https://github.com/zaproxy/zap-extensions/ 2023-10-04 729481 2.13.0 callhome >= 0.0.1 network >= 0.3.0 reports >= 0.4.0 reflect Reflect Finds reflected parameters Caleb Kinney 0.0.11 reflect-alpha-0.0.11.zap alpha https://github.com/zaproxy/zap-extensions/releases/download/2.7/reflect-alpha-0.0.11.zap SHA-256:c45307037042e4079546a5fcb17d1165475e5cdd5ba7e8abc0d2cf0a14866466 2021-02-19 1780219 2.9.0 regextester Regular Expression Tester Allows to test Regular Expressions ZAP Dev Team 2 regextester-alpha-2.zap alpha <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> </ul> <h3>Fixed</h3> <ul> <li>Close dialogues when the add-on is uninstalled.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/regextester-v2/regextester-alpha-2.zap SHA-256:b4706709c16a45e8bedc0bd6f28dd09532d5dbf3f1fe2c2853e20dbf6160a584 https://www.zaproxy.org/docs/desktop/addons/regular-expression-tester/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 159441 2.11.0 replacer Replacer Easy way to replace strings in requests and responses. ZAP Dev Team 14 replacer-release-14.zap release <h3>Added</h3> <ul> <li>Support for the Automation Framework (Issue 7686).</li> </ul> <h3>Changed</h3> <ul> <li>Document that Token Processing applies just to string match types and disable the field in the dialogue when other match types are selected.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/replacer-v14/replacer-release-14.zap SHA-256:a7a4f45158c861f1a7d03f3228362d5223f7d665a6f978394d3b244c51e5358c https://www.zaproxy.org/docs/desktop/addons/replacer/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 383959 2.13.0 reports Report Generation Official ZAP Reports. ZAP Dev Team 0.25.0 reports-release-0.25.0.zap release <h3>Changed</h3> <ul> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> <li>Update JavaDoc links to always link to latest version of ZAP.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix error when generating the High Level Report Sample with an alert that has an empty description (Issue 8071).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/reports-v0.25.0/reports-release-0.25.0.zap SHA-256:944e0cd682cb4cdd9017c1cafee44b59b42c03c26dc65ce19de39046bd6b9921 https://www.zaproxy.org/docs/desktop/addons/report-generation/ https://github.com/zaproxy/zap-extensions/ 2023-10-04 14063781 2.13.0 commonlib >= 1.17.0 & < 2.0.0 requester Requester Allows to manually edit and send messages. Surikato and the ZAP Dev Team 7.3.0 requester-beta-7.3.0.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/requester-v7.3.0/requester-beta-7.3.0.zap SHA-256:810619a6034c96ef7a7ba549f293075f75cb4c6b639b63bda22862092099d077 https://www.zaproxy.org/docs/desktop/addons/requester/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 712648 2.13.0 retest Retest An add-on to retest for presence/absence of previously generated alerts. ZAP Dev Team 0.7.0 retest-alpha-0.7.0.zap alpha <h3>Changed</h3> <ul> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> <li>Use vulnerability data directly from Common Library add-on.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/retest-v0.7.0/retest-alpha-0.7.0.zap SHA-256:da6f5e62c32c68ba88b7815abd666163851d61be02aa9d24ce54be12c52eb3af https://www.zaproxy.org/docs/desktop/addons/retest/ https://github.com/zaproxy/zap-extensions/ 2023-09-08 258633 2.13.0 automation >=0.31.0 commonlib >= 1.17.0 & < 2.0.0 retire Retire.js Retire.js Nikita Mundhada and the ZAP Dev Team 0.25.0 retire-release-0.25.0.zap release <h3>Changed</h3> <ul> <li>Updated with upstream retire.js pattern changes.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/retire-v0.25.0/retire-release-0.25.0.zap SHA-256:ec8f05a6791fbabbd0f334bf7c47108a243ea3a481222a6b51e4fa7762f2cda8 https://www.zaproxy.org/docs/desktop/addons/retire.js/ https://github.com/zaproxy/zap-extensions/ 2023-08-14 978741 2.13.0 commonlib >= 1.16.0 & < 2.0.0 reveal Reveal Show hidden fields and enable disabled fields ZAP Dev Team 6 reveal-release-6.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/reveal-v6/reveal-release-6.zap SHA-256:4972812a6d8d77cb764db810d7025e39517c06bf49937a412e8a005a2a3faac9 https://www.zaproxy.org/docs/desktop/addons/reveal/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 238381 2.13.0 revisit Revisit Revisit a site at any time in the past using the session history ZAP Dev Team 4 revisit-alpha-4.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> <li>Maintenance changes.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/revisit-v4/revisit-alpha-4.zap SHA-256:445bb2a98e06d4ecc945c35c2777dae1b1e5b6ea20de78b920c8004bc3615195 https://www.zaproxy.org/docs/desktop/addons/revisit/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 299864 2.11.0 saml SAML Support Detect, Show, Edit, Fuzz SAML requests ZAP Dev Team 10 saml-alpha-10.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.12.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/saml-v10/saml-alpha-10.zap SHA-256:097492271c7ec1d85def81091ffe897f4809927043844d1f5f0c7c598a0ad164 https://www.zaproxy.org/docs/desktop/addons/saml-support/ https://github.com/zaproxy/zap-extensions/ 2022-10-28 1811985 2.12.0 scripts Script Console Supports all JSR 223 scripting languages ZAP Dev Team 41 scripts-release-41.zap release <h3>Added</h3> <ul> <li>Allow selecting a default behaviour when a script in the console changes on disk (Issues 5463, 7582). The allowed options are &quot;Ask Each Time&quot;, &quot;Keep Script&quot;, and &quot;Replace Script&quot;.</li> </ul> <h3>Changed</h3> <ul> <li>Update extender template scripts to also work with Graal.js engine.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/scripts-v41/scripts-release-41.zap SHA-256:ec84afb53897092cd055bb9e9f58a0df706fdbdad9c15e0b3091d497bf3e0402 https://www.zaproxy.org/docs/desktop/addons/script-console/ https://github.com/zaproxy/zap-extensions/ 2023-10-04 819519 2.13.0 selenium Selenium WebDriver provider and includes HtmlUnit browser ZAP Dev Team 15.14.0 selenium-release-15.14.0.zap release <h3>Added</h3> <ul> <li>Add statistics for browser launch successes and failures that include the requester, e.g.: <ul> <li><code>stats.selenium.launch.&lt;requester-id&gt;.&lt;browser-id&gt;</code></li> <li><code>stats.selenium.launch.&lt;requester-id&gt;.&lt;browser-id&gt;.failure</code></li> </ul> </li> <li>Allow to configure additional (CLI) arguments for Chrome and Firefox.</li> <li>Support for selecting a default Firefox profile.</li> </ul> <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Update Selenium to version 4.12.1.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/selenium-v15.14.0/selenium-release-15.14.0.zap SHA-256:844e5909a3ed5510febb947a525f9b006500a9018491b558082d9d7ceab3e388 https://www.zaproxy.org/docs/desktop/addons/selenium/ https://github.com/zaproxy/zap-extensions/ 2023-09-26 34139169 2.13.0 network >=0.2.0 sequence Sequence Gives the possibility of defining a sequence of requests to be scanned. ZAP Dev Team 6 sequence-alpha-6.zap alpha <h3>Added</h3> <ul> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Issue 2000 - Updated strings shown in active scan dialog with title caps.</li> <li>Enable help button in Sequence tab of Active Scan dialog.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sequence-v6/sequence-alpha-6.zap SHA-256:2849204eab9ea1da50404ab9604e5ec69440c490453a24392c9a40bf95cdb164 https://www.zaproxy.org/docs/desktop/addons/sequence-scanner/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 1556476 2.11.0 zest soap SOAP Support Imports and scans WSDL files containing SOAP endpoints. Alberto (albertov91) + ZAP Dev Team 19 soap-beta-19.zap beta <h3>Changed</h3> <ul> <li>The &quot;Import a WSDL file from local file system&quot; and &quot;Import a WSDL file from a URL&quot; menu items were merged into one, &quot;Import a WSDL File&quot;. The merged dialog uses the shortcut <code>Ctrl+J</code> (<code>Cmd+J</code> on macOS).</li> <li>The Import dialog shows the values used in the previous import when reopened.</li> <li>Maintenance changes.</li> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> <li>Use Common Library add-on to obtain the Value Generator (Issue 8016).</li> <li>The SOAP Support Script has been superseded by a variant (Issue 6500).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/soap-v19/soap-beta-19.zap SHA-256:b752461e9412e42bca6b35dc9d54300927d3be098de580567f6250a1b5f77bb5 https://www.zaproxy.org/docs/desktop/addons/soap-support/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 12825933 2.13.0 commonlib >= 1.17.0 & < 2.0.0 spider Spider Spider used for automatically finding URIs on a site. ZAP Dev Team 0.6.0 spider-release-0.6.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> <li>Use Common Library add-on to obtain the Value Generator (Issue 8016).</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/spider-v0.6.0/spider-release-0.6.0.zap SHA-256:8f2bf87124139941a9b7d3b6adb5ef80bfffcabb73ec1b01b5a8d5fab49480e9 https://www.zaproxy.org/docs/desktop/addons/spider/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 1148410 2.13.0 commonlib >= 1.17.0 & < 2.0.0 database network >=0.3.0 spiderAjax Ajax Spider Allows you to spider sites that make heavy use of JavaScript using Crawljax ZAP Dev Team 23.16.0 spiderAjax-release-23.16.0.zap release <h3>Changed</h3> <ul> <li>Maintenance changes.</li> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> <li>Depend on newer version of Network add-on and allow to access the ZAP API while spidering.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/spiderAjax-v23.16.0/spiderAjax-release-23.16.0.zap SHA-256:856ba83c0e216be114e1dfa51802aa94309af3890f0da20a09004840b60c9515 https://www.zaproxy.org/docs/desktop/addons/ajax-spider/ https://github.com/zaproxy/zap-extensions/ 2023-09-26 7534502 2.13.0 commonlib >= 1.17.0 & < 2.0.0 network >=0.11.0 selenium 15.* sqliplugin Advanced SQLInjection Scanner An advanced active injection bundle for SQLi (derived by SQLMap) Andrea Pompili (Yhawke) 15 sqliplugin-beta-15.zap beta <h3>Fixed</h3> <ul> <li>Re-ordered variable initialization to prevent an NPE.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sqliplugin-v15/sqliplugin-beta-15.zap SHA-256:76e857bd2fea0b57b641862ea5bef46365ac1b03a19371c5e818a5401f7d9384 https://www.zaproxy.org/docs/desktop/addons/advanced-sqlinjection-scanner/ https://github.com/zaproxy/zap-extensions/ 2021-10-20 534349 2.11.0 commonlib >= 1.5.0 & < 2.0.0 sse Server-Sent Events Allows you to view Server-Sent Events (SSE) communication. ZAP Dev Team 12 sse-alpha-12.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.12.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/sse-v12/sse-alpha-12.zap SHA-256:c8805d497f71495e1d7fab7dfccf1955cc996ff514e6c0154e7937a72fdafc6c https://www.zaproxy.org/docs/desktop/addons/server-sent-events/ https://github.com/zaproxy/zap-extensions/ 2022-10-28 334645 2.12.0 svndigger SVN Digger Files SVN Digger files which can be used with ZAP forced browsing ZAP Dev Team 4 svndigger-release-4.zap release <h3>Added</h3> <ul> <li>Add help.</li> <li>Add repo URL.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Promote to release status.</li> <li>Change info URL to link to the site.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/svndigger-v4/svndigger-release-4.zap SHA-256:5556efdf3fdb84ebd6cf3e76ca31e3fb6fb57c002cf14b2cf2f05f67bf2b622a https://www.zaproxy.org/docs/desktop/addons/svn-digger-files/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 713963 2.11.0 tips Tips and Tricks Display ZAP Tips and Tricks ZAP Dev Team 11 tips-beta-11.zap beta <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/tips-v11/tips-beta-11.zap SHA-256:963b911ab0dfb6c7d13ac91dc3e1aec81105cbb59d24a36e171da094411ee8d3 https://www.zaproxy.org/docs/desktop/addons/tips-and-tricks/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 575027 2.13.0 tokengen Token Generation and Analysis Allows you to generate and analyze pseudo random tokens, such as those used for session handling or CSRF protection ZAP Dev Team 15 tokengen-beta-15.zap beta <h3>Changed</h3> <ul> <li>Now using 2.10 logging infrastructure (Log4j 2.x).</li> <li>Maintenance changes.</li> <li>Update minimum ZAP version to 2.11.0.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/tokengen-v15/tokengen-beta-15.zap SHA-256:daef1d13d44a76b8735a30ed9e1e50fa87a85d02728bd7ae575197d173f942f9 https://www.zaproxy.org/docs/desktop/addons/token-generator/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 525206 2.11.0 treetools TreeTools Tools to add functionality to the tree view. Carl Sampson 8 treetools-beta-8.zap beta <h3>Added</h3> <ul> <li>Add help.</li> <li>Add info and repo URLs.</li> </ul> <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/treetools-v8/treetools-beta-8.zap SHA-256:b7f61f8939937ebc120bce8deb72713d7676087056e88801df2573112e7642e4 https://www.zaproxy.org/docs/desktop/addons/treetools/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 128931 2.11.0 viewstate ViewState ASP/JSF ViewState Decoder and Editor Calum Hutton 3 viewstate-alpha-3.zap alpha <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.11.0.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/viewstate-v3/viewstate-alpha-3.zap SHA-256:715caefd591415e79b32195361fea82aa8c6357b24e69530c22fde0a1b6dad17 https://www.zaproxy.org/docs/desktop/addons/viewstate/ https://github.com/zaproxy/zap-extensions/ 2021-10-07 148716 2.11.0 wappalyzer Wappalyzer - Technology Detection Technology detection using Wappalyzer: wappalyzer.com ZAP Dev Team 21.24.0 wappalyzer-release-21.24.0.zap release <h3>Changed</h3> <ul> <li>Dependency updates.</li> <li>Depend on newer versions of Automation Framework and Common Library add-ons (Related to Issue 7961).</li> </ul> <h3>Fixed</h3> <ul> <li>Ensure icons render when expected.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/wappalyzer-v21.24.0/wappalyzer-release-21.24.0.zap SHA-256:e7eb95f310da0874ba2baa2c2a35f83af314f5dac49edb95cb38ae5e8fda541d https://www.zaproxy.org/docs/desktop/addons/technology-detection/ https://github.com/zaproxy/zap-extensions/ 2023-09-07 18942985 2.13.0 commonlib >= 1.17.0 & < 2.0.0 webdriverlinux Linux WebDrivers Linux WebDrivers for Firefox and Chrome. ZAP Dev Team 62 webdriverlinux-release-62.zap release <h3>Changed</h3> <ul> <li>Update ChromeDriver to 117.0.5938.92.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdriverlinux-v62/webdriverlinux-release-62.zap SHA-256:273d4961e1022f1409ca19222a720aff40d30efc562803a632456811a87c6984 https://www.zaproxy.org/docs/desktop/addons/linux-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2023-09-22 16390516 2.13.0 webdrivermacos MacOS WebDrivers MacOS WebDrivers for Firefox and Chrome. ZAP Dev Team 62 webdrivermacos-release-62.zap release <h3>Changed</h3> <ul> <li>Update ChromeDriver to 117.0.5938.92.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdrivermacos-v62/webdrivermacos-release-62.zap SHA-256:54b107035e2cc17e1603e5826d578d4ad76f9faaae9e6cc5142f6c5903190847 https://www.zaproxy.org/docs/desktop/addons/macos-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2023-09-22 21004758 2.13.0 webdriverwindows Windows WebDrivers Windows WebDrivers for Firefox and Chrome. ZAP Dev Team 62 webdriverwindows-release-62.zap release <h3>Changed</h3> <ul> <li>Update ChromeDriver to 117.0.5938.92.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/webdriverwindows-v62/webdriverwindows-release-62.zap SHA-256:36399e46265543078deece697eb4ae46b40fca7b69d8c7574ef5417e81d966c8 https://www.zaproxy.org/docs/desktop/addons/windows-webdrivers/ https://github.com/zaproxy/zap-extensions/ 2023-09-22 18042013 2.13.0 websocket WebSockets Allows you to inspect WebSocket communication. ZAP Dev Team 29 websocket-release-29.zap release <h3>Changed</h3> <ul> <li>Update minimum ZAP version to 2.13.0.</li> <li>Maintenance changes.</li> <li>Replace usage of singletons with injected variables (e.g. <code>model</code>, <code>control</code>) in scripts.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/websocket-v29/websocket-release-29.zap SHA-256:c3cc1c21ae78f9e2942fff54cf39fb6b023bfbf46809fc7736eb47a823b67e81 https://www.zaproxy.org/docs/desktop/addons/websockets/ https://github.com/zaproxy/zap-extensions/ 2023-07-11 1403094 2.13.0 zest Zest - Graphical Security Scripting Language A graphical security scripting language, ZAPs macro language on steroids ZAP Dev Team 41 zest-beta-41.zap beta <h3>Added</h3> <ul> <li>Allow rendering Zest scripts in YAML. The format (JSON/YAML) may be changed via the Zest Options screen.</li> </ul> <h3>Changed</h3> <ul> <li>Depend on Common Library add-on.</li> <li>Maintenance changes.</li> </ul> https://github.com/zaproxy/zap-extensions/releases/download/zest-v41/zest-beta-41.zap SHA-256:1484c14efa69fea0c3bd07ff1813c238b8abd20306a193a4ac8a4aeff36f5856 https://www.zaproxy.org/docs/desktop/addons/zest/ https://github.com/zaproxy/zap-extensions/ 2023-09-26 5554220 2.13.0 commonlib >=1.16.0 network >=0.2.0 scripts selenium >= 15.13.0