forked from zaproxy/zaproxy
-
Notifications
You must be signed in to change notification settings - Fork 2
RelatedProjects
kingthorin edited this page Apr 23, 2020
·
12 revisions
ZAP related projects, as opposed to standalone tools, which are listed on the Related Tools page.
Last full update of Status column: 20180523.
| Name/Link | Description | Status |
|---|---|---|
| node-zaproxy | ZAProxy Client API for Node.js. Generated using the ZAProxy API generator | Active |
| zap-cli | A simple tool for interacting with OWASP ZAP from the commandline | Active |
| owasp-zap-vsts-task | Visual Studio Team Services build/release task for running OWASP ZAP automated security tests | Active |
| zap-sonar-plugin | Home of the ZAP SonarQube plugin. Integrates OWASP Zed Attack Proxy reports into SonarQube | Active |
| attack-surface-detector-zap | The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters | Active |
| zap2docker | Zed Attack Proxy in a docker image together with zapr and x11vnc/novnc for GUI access | Stale The ZAP project now maintains docker images: https://www.zaproxy.org/download/#docker |
| zap-script-proxy-rewrite | ZAProxy script template for rewriting proxied HTTP requests | Stale Should still work |
| deja-vu | An OWASP ZAP extension that compares the current page content to "revived" content from caching repositories | Stale |
| diviner | Diviner is an active information gathering platform, built as a ZAP extension, and aimed to enhance the tester’s decision making process (Old link: https://code.google.com/p/diviner/) | Stale |
| good-old-files | An OWASP ZAP extension that enhances the detection of obsolete and hidden files | Stale |
| grails-zap-security-tests-plugin | Grails plugin to run security tests using the OWASP's Zed Attack Proxy | Stale |
| grunt-zaproxy | Grunt tasks for ZAProxy | Stale |
| HtmlReportThroughZapAPIs | Workaround scripts to enable html report formatting with the OWASP ZAP APIs | Stale |
| minion-zap-plugin | Minion ZAP Plugin | Stale |
| Jenkins zap-plugin | The official Jenkins plugin for ZAP. (https://github.com/jenkinsci/zap-plugin) | Stale |
| OwaspZap | A ruby client to access the HTTP API from ZAP Proxy | Stale |
| owasp_zap | A ruby client to access the HTTP API from ZAP | Stale |
| OWASP_ZAP-OSX | OWASP ZAP OSX Installer - Hackports Submodule | Stale |
| php-api-generator-for-owasp-zap | PHP client API generator for OWASP ZAP | Stale |
| php-owasp-zap-v2 | PHP client API for OWASP ZAP | Stale |
| pytest-zap | OWASP Zed Attack Proxy plugin for py.test | Stale |
| rhinauditor | Static analyzer for JavaScript aiming for security bugs (inc ZAP add-on with passive scan rules) |
Stale |
| VEHICLE | Viewstate Hidden Event Enumerator - ZAP extension | Stale |
| zap-extension-betterfuzz | Reworking of OWASP's ZAP Fuzz extension | Stale |
| zapper | Run OWASP ZAP in Jenkins for automated security testing | Stale |
| zapr | Easy to use command line security scanner | Stale |
| zap-gradle-plugin | Standalone gradle plugin to aid in integrating OWASP ZAP | Stale |
| zap-java-api | A client API for OWASP ZAP that uses Java types. | Stale |
| ZapPenTester | Command line tool that enables automated penetration testing in the Microsoft stack using OWASP ZAP | Stale |
| zaproxy-cookbook | Installs the OWASP Zed Attack Proxy | Stale |
| zap-maven-plugin | This is a Maven Plugin to control ZAProxy. It is based on https://code.google.com/p/zap-maven-plugin | Stale |
| zap-plugin | Plugin for displaying OWASP Zed Attack Proxy alerts into Jenkins CI | Stale |
| zap-webdriver | Example security tests using Selenium WebDriver and OWASP ZAP |
Stale |
Please note that we will happily host ZAP add-ons on the ZAP Marketplace which will make it much easier for ZAP users to discover, install and update your add-ons, as long as we can build and sanity check them ourselves (to reduce the chance of malicious code;).
Post to the ZAP Developer group to ask for your add-on to be hosted by us.