Download

Software Bill of Materials

ZAP includes a runtime Software Bill of Materials (SBOM) generated by CycloneDX for both the ZAP core and all of the add-ons maintained by the ZAP team. Each SBOM will appear as a file called “bom.json” included at the root of the ZAP JARs.

Runtime SBOMs for the ZAP core and the add-ons you have installed can be accessed in ZAP as per the Software Bill of Materials help page.

Note that SBOMs may not be available if you run ZAP from the source code, and some 3rd party add-ons may also not define them.

The full set of available build time add-on SBOMs are:

Name Components
Access Control Testing Add-on SBOM 119
Active scanner rules (alpha) Add-on SBOM 118
Active scanner rules (beta) Add-on SBOM 155
Active scanner rules Add-on SBOM 157
Ajax Spider Add-on SBOM 193
Alert Filters Add-on SBOM 124
Authentication Helper Add-on SBOM 237
Automation Framework Add-on SBOM 129
Call Home Add-on SBOM 111
Client Side Integration Add-on SBOM 181
Common Library Add-on SBOM 128
Custom Payloads Add-on SBOM 124
Database Add-on SBOM 130
Dev Add-on Add-on SBOM 123
Diff Add-on SBOM 80
Directory List v1.0 Add-on SBOM 65
DOM XSS Active scanner rule Add-on SBOM 185
Encoder Add-on SBOM 124
Eval Villain Add-on SBOM 61
Forced Browse Add-on SBOM 124
FuzzAI Files Add-on SBOM 60
Fuzzer Add-on SBOM 128
Getting Started with ZAP Guide Add-on SBOM 65
GraalVM JavaScript Add-on SBOM 137
GraphQL Support Add-on SBOM 154
Groovy Support Add-on SBOM 165
gRPC Support Add-on SBOM 134
Image Location and Privacy Scanner Add-on SBOM 121
Import/Export Add-on SBOM 133
Invoke Applications Add-on SBOM 79
Linux WebDrivers Add-on SBOM 127
MacOS WebDrivers Add-on SBOM 127
Network Add-on SBOM 109
OAST Support Add-on SBOM 148
Online menus Add-on SBOM 65
OpenAPI Support Add-on SBOM 185
Parameter Digger Add-on SBOM 118
Passive Scanner Add-on SBOM 130
Passive scanner rules (alpha) Add-on SBOM 130
Passive scanner rules (beta) Add-on SBOM 130
Passive scanner rules Add-on SBOM 132
Postman Support Add-on SBOM 124
Python Scripting Add-on SBOM 120
Quick Start Add-on SBOM 195
Replacer Add-on SBOM 124
Report Generation Add-on SBOM 145
Requester Add-on SBOM 124
Retest Add-on SBOM 124
Retire.js Add-on SBOM 129
Reveal Add-on SBOM 65
Revisit Add-on SBOM 63
Scan Policies Add-on SBOM 65
Script Console Add-on SBOM 132
Selenium Add-on SBOM 175
Sequence Add-on SBOM 189
Server-Sent Events Add-on SBOM 107
SOAP Support Add-on SBOM 150
Spider Add-on SBOM 144
Technology Detection Add-on SBOM 134
Tips and Tricks Add-on SBOM 65
Value Generator Add-on SBOM 124
WebSockets Add-on SBOM 128
Windows WebDrivers Add-on SBOM 127
Zest - Graphical Security Scripting Language Add-on SBOM 184