A collection of add-ons that extend the capabilities of the Zed Attack Proxy (ZAP) for enhanced web security testing and automation.
ZAP Add-ons
This tool is used by security professionals and developers to enhance the functionality of ZAP, a popular web application security scanner, by adding specialized modules for vulnerability scanning, API security, and automation. Users can browse, download, and integrate these add-ons directly within ZAP to tailor the tool to their specific testing needs.
Users should have a working knowledge of Gradle to build add-ons from source. It is recommended to use the latest version of ZAP to ensure compatibility with add-ons. Add-ons enhance ZAP's core functionality but require proper configuration within ZAP for effective use.
Clone the repository from GitHub
Navigate to the addOns directory containing individual add-on projects
Build the add-ons using Gradle as per https://www.zaproxy.org/docs/developer/quick-start-build/
Launch ZAP and browse/download add-ons via the toolbar button
Alternatively, download add-ons from the releases page and import via 'File / Load Add-on File...' menuUse the toolbar button in ZAP to browse and download add-ons
Allows users to explore and install add-ons directly within the ZAP interface
File / Load Add-on File...
Manually import downloaded add-ons into ZAP
./gradlew build
Build all add-ons using Gradle (run from the repository root)