GSoC 2024

Unfortunately ZAP was not chosen to be a GSoC mentoring organisation in 2024.

However we are always very happy to mentor people working on ZAP, so if you would like to work on any ZAP projects then please get in touch via the ZAP Developer Group.

Proposed Projects

gRPC Support

  • Expected Size: 350 Hours
  • Skills: Java
  • Difficulty: Intermediate

Issue: #7695 gRPC Support

gRPC requests should already be shown in the History / Sites tree as binary requests.

This project would add support for:

  • A gRPC body view/editor
  • A gRPC variant
  • gRPC fuzzing support
  • A set of ascan rules which specifically target gRPC requests, e.g.
    • Changing types
    • Trying to call other classes / methods

Web Based UI

  • Expected Size: 350 Hours
  • Skills: JavaScript / TypeScript
  • Difficulty: Intermediate

Related Add-on: https://github.com/zaproxy/zap-extensions/tree/main/addOns/webuipoc

The ZAP Desktop GUI is showing its age. A replacement UI implemented using a modern web framework could prove to be very popular.

The current ZAP desktop has a huge range of features, so we do not expect this project to implement all of them.

It should:

  • Support a set of key features (e.g. History, Sites Tree, viewing and manipulating Requests and Responses).
  • Be plugable (to allow add-ons to implement their own content)
  • Be easy to extend
  • Be easy to maintain
  • Be secure (!)
  • Load quickly
  • Look good and be a pleasure to use

AI Integration

  • Expected Size: 175 or 350 Hours
  • Skills: Java
  • Difficulty: Intermediate

Issue: #8343 AI Integration

How could we use AI to make ZAP more effective?

  • Understand the technologies behind an app better?
  • Suggest more effective payloads?
  • Improve false positive detection?
  • Generate better reports?

This project is all about exploring those possibilities and finding out what actually works.

Your Own Idea

  • Expected Size: 90, 175, or 350 Hours
  • Skills: Java
  • Difficulty: Easy, Intermediate, or Hard

We are always delighted to hear from contributors who have their own ideas for projects. You are encouraged to discuss these with us 😁.

Mentors

For all projects the mentors will be at least 2 of the ZAP Core Team: