Groups keyboard shortcuts have been updated

Dismiss

See shortcuts

ZAP Developer Group

1–30 of 2325

Welcome to the Zed Attack Proxy (ZAP) Development Group.

Please use this group for any questions about developing, fixing or extending ZAP.

Don't ask the same question on multiple ZAP forums - the ZAP Core Team monitors all of them.

And if you post spam then it will be deleted and your account blocked.

0 selected

Kirthika Krishnan, psiinon2

Apr 17

Not able to use the Firefox browser

Hi Kirthika, This is really a question about using ZAP rather than developing it, so in future please

unread,

Not able to use the Firefox browser

Hi Kirthika, This is really a question about using ZAP rather than developing it, so in future please

Apr 17

Tomasz Nowak, … kingthorin+zap3

Apr 10

Feature Request: "Duplicate" Button for Replacer Addon

This seems like: https://github.com/zaproxy/zaproxy/issues/7767 And the fix/feature that was started:

unread,

Feature Request: "Duplicate" Button for Replacer Addon

This seems like: https://github.com/zaproxy/zaproxy/issues/7767 And the fix/feature that was started:

Apr 10

Nick, psiinon8

Apr 10

Add-on debug

Thanks for letting us know! On Thursday, 10 April 2025 at 07:49:29 UTC+1 niccolol...@gmail.com wrote:

unread,

Add-on debug

Thanks for letting us know! On Thursday, 10 April 2025 at 07:49:29 UTC+1 niccolol...@gmail.com wrote:

Apr 10

zinw elzl, … Satish Verma3

Apr 3

Will you add ZAP MCP server?

Dear ZAP Team, I recently came across the discussion regarding the ZAP MCP server, and I am

unread,

Will you add ZAP MCP server?

Dear ZAP Team, I recently came across the discussion regarding the ZAP MCP server, and I am

Apr 3

psiinon

Mar 26

ZAP 2.16.1

ZAP by Checkmarx 2.16.1 has just been released! This is a bug fix release, along with some minor

unread,

ZAP 2.16.1

ZAP by Checkmarx 2.16.1 has just been released! This is a bug fix release, along with some minor

Mar 26

Mar 3

Question About Multiple Alerts with the Same Name but Different Alert IDs

I noticed that in ZAP Proxy, there are multiple alerts with the same name, (eg, Path Traversal,

unread,

Question About Multiple Alerts with the Same Name but Different Alert IDs

I noticed that in ZAP Proxy, there are multiple alerts with the same name, (eg, Path Traversal,

Mar 3

psiinon

Feb 24

ZAP Slack

We have a dedicated Slack for ZAP which is now open to all. You can get an invite via https://www.

unread,

ZAP Slack

We have a dedicated Slack for ZAP which is now open to all. You can get an invite via https://www.

Feb 24

Raphael Carvalho, … thc2025

Feb 19

An error occurred with the script: CustomScript. Error: Read timed out

Will do that, thanks @thc202 and Simon! On Tuesday, February 18, 2025 at 2:26:39 PM UTC-3 thc202

unread,

An error occurred with the script: CustomScript. Error: Read timed out

Will do that, thanks @thc202 and Simon! On Tuesday, February 18, 2025 at 2:26:39 PM UTC-3 thc202

Feb 19

Thoni A, thc2022

Feb 14

After loading a certificate, in browser certificate viewer is still showing the zap community cert info instead of custom cert info

Hi, I plan to look at this in the following days (no ETA yet). Best regards. On 12/02/2025 20:57,

unread,

After loading a certificate, in browser certificate viewer is still showing the zap community cert info instead of custom cert info

Hi, I plan to look at this in the following days (no ETA yet). Best regards. On 12/02/2025 20:57,

Feb 14

Defia Orca, thc...@gmail.com2

Feb 6

Request of Polishing (Coloring) the request and response headers

Hi, This is already being tracked/requested: https://github.com/zaproxy/zaproxy/issues/1907 Note that

unread,

Request of Polishing (Coloring) the request and response headers

Hi, This is already being tracked/requested: https://github.com/zaproxy/zaproxy/issues/1907 Note that

Feb 6

Arpit Thool, psiinon2

Jan 29

Seeking guidance on implementing ZAP security scanning pipeline

Hi Arpit, This question is about how to use ZAP - please ask them on the ZAP User Group: https://

unread,

Seeking guidance on implementing ZAP security scanning pipeline

Hi Arpit, This question is about how to use ZAP - please ask them on the ZAP User Group: https://

Jan 29

ozzy ozbourne, psiinon2

Jan 29

Tips on how to debug the add-on code

Hiya, Have you seen the ZAP Developer Guide? https://www.zaproxy.org/docs/developer/ Let us know if

unread,

Tips on how to debug the add-on code

Hiya, Have you seen the ZAP Developer Guide? https://www.zaproxy.org/docs/developer/ Let us know if

Jan 29

Ryan Mueller2

Jan 21

Issues Building from Source

I switched my java version to 21 and it runs good as new. Sorry for the commotion. Sincerely, Ryan

unread,

Issues Building from Source

I switched my java version to 21 and it runs good as new. Sorry for the commotion. Sincerely, Ryan

Jan 21

Rashmi Mehta, psiinon2

Jan 16

Curl command is not working

Hi Rasmi, This question is about how to use ZAP - please ask them on the ZAP User Group: https://

unread,

Curl command is not working

Hi Rasmi, This question is about how to use ZAP - please ask them on the ZAP User Group: https://

Jan 16

C PQ, psiinon2

Jan 16

To check the session is valid before doing the active scan

Hi Pei Qi, You dont need to check if the session is valid - ZAP does that for you. If theres no

unread,

To check the session is valid before doing the active scan

Hi Pei Qi, You dont need to check if the session is valid - ZAP does that for you. If theres no

Jan 16

C PQ, psiinon2

Jan 16

For active scan, how do I login first before scanning a specific URL?

Hi, This question is about how to use ZAP - please ask them on the ZAP User Group: https://groups.

unread,

For active scan, how do I login first before scanning a specific URL?

Hi, This question is about how to use ZAP - please ask them on the ZAP User Group: https://groups.

Jan 16

psiinon

Jan 10

ZAP 2.16.0 has been released

ZAP by Checkmarx 2.16.0 has just been released. It includes a brand new spider, detachable tabs,

unread,

ZAP 2.16.0 has been released

ZAP by Checkmarx 2.16.0 has just been released. It includes a brand new spider, detachable tabs,

Jan 10

Olindo Pindaro, psiinon3

Jan 7

how to use add-on on headless zap docker run?

Thanks for your kind answer. I have other questions but I will use the other group. Thanks a lot. Il

unread,

how to use add-on on headless zap docker run?

Thanks for your kind answer. I have other questions but I will use the other group. Thanks a lot. Il

Jan 7

Imran Bagwan, psiinon2

12/20/24

Accessing vulnerable parameter in HTTPSender script

Hiya, This is about how to use ZAP rather than how to work on ZAP code, so please ask on the User

unread,

Accessing vulnerable parameter in HTTPSender script

Hiya, This is about how to use ZAP rather than how to work on ZAP code, so please ask on the User

12/20/24

Abdelkhalek BERAOUD (letmewin), psiinon9

12/20/24

Can Spider get URLs available in the frontend when using some libraries like Ziggy?

Yeah, that would be good. Many thanks, Simon On Friday, 20 December 2024 at 15:35:28 UTC Abdelkhalek

unread,

Can Spider get URLs available in the frontend when using some libraries like Ziggy?

Yeah, that would be good. Many thanks, Simon On Friday, 20 December 2024 at 15:35:28 UTC Abdelkhalek

12/20/24

Manuel, … psiinon5

12/19/24

False positive Vulnerability/RetireJs finding

No problem - its not always easy to work out where underlying issues are located :) Thanks for

unread,

False positive Vulnerability/RetireJs finding

No problem - its not always easy to work out where underlying issues are located :) Thanks for

12/19/24

Nathan, psiinon3

12/13/24

Hidden File Found - Medium

ok thanks I have posted the same on there now. On Friday, December 13, 2024 at 11:07:01 AM UTC

unread,

Hidden File Found - Medium

ok thanks I have posted the same on there now. On Friday, December 13, 2024 at 11:07:01 AM UTC

12/13/24

Omkar Kumbhar, … psiinon6

12/11/24

How to get a report of Passing and Failed Tests in ZAP Active Scan

These questions are all about how to use ZAP - please ask them on the ZAP User Group: https://groups.

unread,

How to get a report of Passing and Failed Tests in ZAP Active Scan

These questions are all about how to use ZAP - please ask them on the ZAP User Group: https://groups.

12/11/24

psiinon

11/28/24

Checkmarx SAST scanning

If you submit PRs to ZAP repos then you will notice new comments that appear to come from me: https:/

unread,

Checkmarx SAST scanning

If you submit PRs to ZAP repos then you will notice new comments that appear to come from me: https:/

11/28/24

Yash Prajapati, psiinon3

11/21/24

Facing issues with API key in CLI

Hey Simon, Apologies for inconvenience. Thanks for guidance. Yash On Thu, Nov 21, 2024 at 7:42 PM

unread,

Facing issues with API key in CLI

Hey Simon, Apologies for inconvenience. Thanks for guidance. Yash On Thu, Nov 21, 2024 at 7:42 PM

11/21/24

hemanshu rana, psiinon2

11/21/24

ZAP Issue with report creation + Microsoft Login via API

Hi, Please ask questions like this on the ZAP User Group: https://groups.google.com/group/zaproxy-

unread,

ZAP Issue with report creation + Microsoft Login via API

Hi, Please ask questions like this on the ZAP User Group: https://groups.google.com/group/zaproxy-

11/21/24

Jonathan Wilbert Gunawan, psiinon4

11/19/24

How to Make OWASP ZAP Scan Results More Specific for Certain Folders or Endpoints?

Hi Jonathan, This group is for developing ZAP :) It does not sound like you are helping us to develop

unread,

How to Make OWASP ZAP Scan Results More Specific for Certain Folders or Endpoints?

Hi Jonathan, This group is for developing ZAP :) It does not sound like you are helping us to develop

11/19/24

koirala sanskrit, kingthorin+zap3

11/18/24

Functionality for Debugging Active Rules Scripts

As for creating policies check here: - https://www.zaproxy.org/docs/desktop/ui/dialogs/scanpolicy/ -

unread,

Functionality for Debugging Active Rules Scripts

As for creating policies check here: - https://www.zaproxy.org/docs/desktop/ui/dialogs/scanpolicy/ -

11/18/24

psiinon

10/25/24

ZAP code & Lombok

We have just started to use Lombok in the ZAP codebase: https://projectlombok.org/ Lombok allows us

unread,

ZAP code & Lombok

We have just started to use Lombok in the ZAP codebase: https://projectlombok.org/ Lombok allows us

10/25/24

Bruno Ronda, thc...@gmail.com3

10/21/24

Issues With Cloning ZAP Repo

Hi Ricardo, Thanks for your reply. I finally managed to clone... with a whole different network.

unread,

Issues With Cloning ZAP Repo

Hi Ricardo, Thanks for your reply. I finally managed to clone... with a whole different network.

10/21/24