Skip to content

GetInvolved

thc202 edited this page Jul 6, 2015 · 3 revisions
Clone this wiki locally

ZAP Get Involved

Involvement in the development of ZAP is actively encouraged!
You do not have to be a security expert in order to contribute.

Some of the ways you can help:

Promote ZAP

While ZAP is becoming increasingly popular, there are still many people who could benefit from it who havnt heard about it.

You can help by:
  • Blogging about ZAP
  • Tweeting about ZAP (be sure to include @zaproxy)
  • Starring and/or G+1'ing this project (and zap-extensions)
  • Reviewing ZAP in sites like ohloh
  • Telling people you use it
  • Giving talks about it - and let us know if you need help with slides etc

Feature Requests

Please raise new feature requests as enhancement requests here: https://github.com/zaproxy/zaproxy/issues
If there are existing requests you are also interested in then please 'star' them - that way we can see which features people are most interested in and can prioritize them accordingly.

Feedback

Please use the zaproxy-develop Google Group for feedback:
  • What do like?
  • What don't you like?
  • What features could be made easier to use?
  • How could the help pages be improved?
  • Examples of vulnerabilities that ZAP doesn't detect
  • Examples of false positives that ZAP incorrectly flags

Ideally we'd like example vulnerabilities and false positives in the same format as the ZAP Web Application Vulnerability Examples: https://github.com/zaproxy/zaproxy/wiki/Downloads but if you're not good with JSPs then we'll accept them in any format if necessary!

Log issues

Have you had a problem using ZAP?
If so and its not already been logged then please [report it](https://github.com/zaproxy/zaproxy/issues)

Localization

Are you fluent in another language?
Can you help translate ZAP into that language?
If so then just go to http://crowdin.net/project/owasp-zap and get stuck in

Development

If you fancy having a go at adding functionality to ZAP then please get in touch via the
zaproxy-develop Google Group.
We have a list of projects on this wiki ideal for people new to ZAP to work on.
Also have a look at some notes about providing new Scanner Rules.
Again, you do not have to be a security expert to contribute code - working on ZAP
could be great way to learn more about web application security!
If you actively contribute to ZAP then you will be invited to join the project.