Download

Software Bill of Materials

ZAP includes a runtime Software Bill of Materials (SBOM) generated by CycloneDX for both the ZAP core and all of the add-ons maintained by the ZAP team. Each SBOM will appear as a file called “bom.json” included at the root of the ZAP JARs.

Runtime SBOMs for the ZAP core and the add-ons you have installed can be accessed in ZAP as per the Software Bill of Materials help page.

Note that SBOMs may not be available if you run ZAP from the source code, and some 3rd party add-ons may also not define them.

The full set of available build time add-on SBOMs are:

Name Components
Access Control Testing Add-on SBOM 119
Active scanner rules (alpha) Add-on SBOM 118
Active scanner rules (beta) Add-on SBOM 140
Active scanner rules Add-on SBOM 142
Ajax Spider Add-on SBOM 189
Alert Filters Add-on SBOM 118
Authentication Helper Add-on SBOM 186
Automation Framework Add-on SBOM 117
Call Home Add-on SBOM 106
Client Side Integration Add-on SBOM 177
Common Library Add-on SBOM 117
Custom Payloads Add-on SBOM 105
Database Add-on SBOM 120
Dev Add-on Add-on SBOM 118
Diff Add-on SBOM 74
Directory List v1.0 Add-on SBOM 60
DOM XSS Active scanner rule Add-on SBOM 182
Encoder Add-on SBOM 119
Eval Villain Add-on SBOM 61
Forced Browse Add-on SBOM 119
FuzzAI Files Add-on SBOM 60
Fuzzer Add-on SBOM 122
Getting Started with ZAP Guide Add-on SBOM 60
GraalVM JavaScript Add-on SBOM 130
GraphQL Support Add-on SBOM 135
Groovy Support Add-on SBOM 165
gRPC Support Add-on SBOM 134
Image Location and Privacy Scanner Add-on SBOM 121
Import/Export Add-on SBOM 122
Invoke Applications Add-on SBOM 73
Linux WebDrivers Add-on SBOM 127
MacOS WebDrivers Add-on SBOM 127
Network Add-on SBOM 102
OAST Support Add-on SBOM 143
Online menus Add-on SBOM 60
OpenAPI Support Add-on SBOM 172
Parameter Digger Add-on SBOM 118
Passive Scanner Add-on SBOM 118
Passive scanner rules (alpha) Add-on SBOM 119
Passive scanner rules (beta) Add-on SBOM 118
Passive scanner rules Add-on SBOM 120
Postman Support Add-on SBOM 120
Python Scripting Add-on SBOM 120
Quick Start Add-on SBOM 193
Replacer Add-on SBOM 118
Report Generation Add-on SBOM 132
Requester Add-on SBOM 118
Retest Add-on SBOM 118
Retire.js Add-on SBOM 118
Reveal Add-on SBOM 60
Revisit Add-on SBOM 63
Scan Policies Add-on SBOM 61
Script Console Add-on SBOM 119
Selenium Add-on SBOM 174
Sequence Add-on SBOM 63
Server-Sent Events Add-on SBOM 107
SOAP Support Add-on SBOM 147
Spider Add-on SBOM 129
Technology Detection Add-on SBOM 121
Tips and Tricks Add-on SBOM 60
Value Generator Add-on SBOM 107
WebSockets Add-on SBOM 126
Windows WebDrivers Add-on SBOM 127
Zest - Graphical Security Scripting Language Add-on SBOM 185