Skip to content
kingthorin edited this page Feb 11, 2020 · 12 revisions

Related Projects

ZAP related projects, as opposed to standalone tools, which are listed on the Related Tools page.

Last full update of Status column: 20180523.

Name/Link Description Status
Jenkins zap-plugin The official Jenkins plugin for ZAP. (https://github.com/jenkinsci/zap-plugin) Active
zap-cli A simple tool for interacting with OWASP ZAP from the commandline Active
owasp-zap-vsts-task Visual Studio Team Services build/release task for running OWASP ZAP automated security tests Active
zap-sonar-plugin Home of the ZAP SonarQube plugin. Integrates OWASP Zed Attack Proxy reports into SonarQube Active
attack-surface-detector-zap The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters Active
zap2docker Zed Attack Proxy in a docker image together with zapr and x11vnc/novnc for GUI access Stale
The ZAP project now maintains docker images: https://github.com/zaproxy/zaproxy/wiki/Downloads#docker
zap-script-proxy-rewrite ZAProxy script template for rewriting proxied HTTP requests Stale
Should still work
deja-vu An OWASP ZAP extension that compares the current page content to "revived" content from caching repositories Stale
diviner Diviner is an active information gathering platform, built as a ZAP extension, and aimed to enhance the tester’s decision making process (Old link: https://code.google.com/p/diviner/) Stale
good-old-files An OWASP ZAP extension that enhances the detection of obsolete and hidden files Stale
grails-zap-security-tests-plugin Grails plugin to run security tests using the OWASP's Zed Attack Proxy Stale
grunt-zaproxy Grunt tasks for ZAProxy Stale
HtmlReportThroughZapAPIs Workaround scripts to enable html report formatting with the OWASP ZAP APIs Stale
minion-zap-plugin Minion ZAP Plugin Stale
node-zaproxy ZAProxy Client API for Node.js. Generated using the ZAProxy API generator  
OwaspZap A ruby client to access the HTTP API from ZAP Proxy Stale
owasp_zap A ruby client to access the HTTP API from ZAP Stale
OWASP_ZAP-OSX OWASP ZAP OSX Installer - Hackports Submodule Stale
php-api-generator-for-owasp-zap PHP client API generator for OWASP ZAP Stale
php-owasp-zap-v2 PHP client API for OWASP ZAP Stale
pytest-zap OWASP Zed Attack Proxy plugin for py.test Stale
rhinauditor Static analyzer for JavaScript aiming for security bugs (inc ZAP add-on with passive scan rules) Stale
VEHICLE Viewstate Hidden Event Enumerator - ZAP extension Stale
zap-extension-betterfuzz Reworking of OWASP's ZAP Fuzz extension Stale
zapper Run OWASP ZAP in Jenkins for automated security testing Stale
zapr Easy to use command line security scanner Stale
zap-gradle-plugin Standalone gradle plugin to aid in integrating OWASP ZAP Stale
zap-java-api A client API for OWASP ZAP that uses Java types. Stale
ZapPenTester Command line tool that enables automated penetration testing in the Microsoft stack using OWASP ZAP Stale
zaproxy-cookbook Installs the OWASP Zed Attack Proxy Stale
zap-maven-plugin This is a Maven Plugin to control ZAProxy. It is based on https://code.google.com/p/zap-maven-plugin Stale
zap-plugin Plugin for displaying OWASP Zed Attack Proxy alerts into Jenkins CI Stale
zap-webdriver Example security tests using Selenium WebDriver and OWASP ZAP Stale

Please note that we will happily host ZAP add-ons on the ZAP Marketplace which will make it much easier for ZAP users to discover, install and update your add-ons, as long as we can build and sanity check them ourselves (to reduce the chance of malicious code;).

Post to the ZAP Developer group to ask for your add-on to be hosted by us.

Clone this wiki locally