Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
This page details projects suitable for people new to ZAP to work on.
For projects suitable for student projects see the OpenProjects page
They are intended to be non-trivial enhancements and could be ideal for students working in higher education to implement as part of their courses. However they are not restricted to students - anyone can work on them.
If you are interested in working on one of these projects then please get in touch. We will need to flesh out the projects in more detail ;)
If you are looking for a easier way to get into the code then have a look at issues with the IdealFirstBug tag - they should be relatively easy and fairly well documented issues.
We have some advice for working on ZAP developments.
And do check of the blog posts about ZAP development.
|Add a todo / tasks list tab||Medium||Easy?||Issue 119||Vishesh||Simon|
|Allow ZAP to be run as a Windows Service||Small||Easy?||Issue 392||Rohan||Simon|
|Mittn integration||Medium||Medium||Issue 1403||Simon|
|Gauntlt integration||Medium||Medium||Issue 439||Simon|
|Technology detection using
|Advanced reporting - giving the user much more control of what included in reports and how its presented||Medium||Medium||Issue 139, Issue 222, Issue 357||Simon|
|An add-on generating add-on||Easy/Medium?||Medium||Issue 519||Simon|
|SOCKS proxy support - for both SOCKS4 and SOCK5 protocols||Medium/BIG||Hard||Issue 29|
|SQL Injection scanner for Microsoft SQL Server - using the MySQL/Hypersonic/PostgreSQL scanners as templates||Small||Medium||Colm|
|SQL Injection scanner for DB2 - using the MySQL/Hypersonic/PostgreSQL scanners as templates||Small||Medium||Colm|
|SQL Injection scanner for Informix - using the MySQL/Hypersonic/PostgreSQL scanners as templates||Small||Medium||Colm|
|SQL Injection scanner for SQLite - using the MySQL/Hypersonic/PostgreSQL scanners as templates||Small||Medium||Colm|
|Set up scripting to automatically run Zap against various deliberately vulnerable test suits (Wavsep,DVWA, WebGoat, etc)||Medium||Medium||Colm/Simon?|
|AMF support||Medium||Medium||Issue 137|
|Bug tracker support||Medium||Medium||Issue 440||Simon|
|Add support for new smartcards (PKCS#11)||Small||Medium||ZAP SmartCard Project||Raul|
|Enhance HTTP Session Handling||Medium||Medium||Issue 117||Guifré|
|Override hosts file||Medium||Small||Issue 977||Simon|
|JS beautifier||Medium||Medium||Issue 1014||Simon|
Note that this is not an absolute list. We have many more enhancement requests, many of which would be suitable as projects.
And also feel free to suggest new projects that arent on any list!