Download

Software Bill of Materials

ZAP includes a runtime Software Bill of Materials (SBOM) generated by CycloneDX for both the ZAP core and all of the add-ons maintained by the ZAP team. Each SBOM will appear as a file called “bom.json” included at the root of the ZAP JARs.

Runtime SBOMs for the ZAP core and the add-ons you have installed can be accessed in ZAP as per the Software Bill of Materials help page.

Note that SBOMs may not be available if you run ZAP from the source code, and some 3rd party add-ons may also not define them.

The full set of available build time add-on SBOMs are:

Name Components
Access Control Testing Add-on SBOM 119
Active scanner rules (alpha) Add-on SBOM 118
Active scanner rules (beta) Add-on SBOM 146
Active scanner rules Add-on SBOM 148
Ajax Spider Add-on SBOM 191
Alert Filters Add-on SBOM 124
Authentication Helper Add-on SBOM 191
Automation Framework Add-on SBOM 123
Call Home Add-on SBOM 111
Client Side Integration Add-on SBOM 179
Common Library Add-on SBOM 124
Custom Payloads Add-on SBOM 124
Database Add-on SBOM 125
Dev Add-on Add-on SBOM 118
Diff Add-on SBOM 80
Directory List v1.0 Add-on SBOM 65
DOM XSS Active scanner rule Add-on SBOM 185
Encoder Add-on SBOM 124
Eval Villain Add-on SBOM 61
Forced Browse Add-on SBOM 124
FuzzAI Files Add-on SBOM 60
Fuzzer Add-on SBOM 128
Getting Started with ZAP Guide Add-on SBOM 65
GraalVM JavaScript Add-on SBOM 137
GraphQL Support Add-on SBOM 145
Groovy Support Add-on SBOM 165
gRPC Support Add-on SBOM 134
Image Location and Privacy Scanner Add-on SBOM 121
Import/Export Add-on SBOM 127
Invoke Applications Add-on SBOM 79
Linux WebDrivers Add-on SBOM 127
MacOS WebDrivers Add-on SBOM 127
Network Add-on SBOM 107
OAST Support Add-on SBOM 148
Online menus Add-on SBOM 65
OpenAPI Support Add-on SBOM 179
Parameter Digger Add-on SBOM 118
Passive Scanner Add-on SBOM 124
Passive scanner rules (alpha) Add-on SBOM 119
Passive scanner rules (beta) Add-on SBOM 124
Passive scanner rules Add-on SBOM 126
Postman Support Add-on SBOM 124
Python Scripting Add-on SBOM 120
Quick Start Add-on SBOM 195
Replacer Add-on SBOM 124
Report Generation Add-on SBOM 138
Requester Add-on SBOM 124
Retest Add-on SBOM 124
Retire.js Add-on SBOM 124
Reveal Add-on SBOM 65
Revisit Add-on SBOM 63
Scan Policies Add-on SBOM 65
Script Console Add-on SBOM 125
Selenium Add-on SBOM 176
Sequence Add-on SBOM 189
Server-Sent Events Add-on SBOM 107
SOAP Support Add-on SBOM 150
Spider Add-on SBOM 135
Technology Detection Add-on SBOM 127
Tips and Tricks Add-on SBOM 65
Value Generator Add-on SBOM 124
WebSockets Add-on SBOM 128
Windows WebDrivers Add-on SBOM 127
Zest - Graphical Security Scripting Language Add-on SBOM 187