Evidence Connector for OWASP ZAP

Detect AI traffic passively inside OWASP ZAP.

Local first · In development · zap add-on · attack · evidence

Overview

The SecEng Evidence Connector for OWASP ZAP is a ZAP add-on that registers a passive scan rule. It watches HTTP traffic flowing through ZAP, flags AI-related requests and responses, and forwards them to the SecEng sidecar. The connector operates with fail-closed semantics: if the sidecar is unreachable, the connector stops forwarding rather than silently dropping findings. Sensitive headers are automatically redacted in transit.

Features

  1. Passive scan rule

     Registers a ZAP passive scan rule that fires on every request/response pair, with no active scanning or additional network traffic.

  2. Fail-closed sidecar integration

     If the sidecar is unreachable or returns a policy violation, the connector halts rather than sending data to an unknown endpoint.

  3. Automatic header redaction

     Authorization, Cookie, and other sensitive headers are masked before the payload is forwarded to the sidecar.

  4. Evidence attachment

     Confirmed findings are attached to your SecEng evidence store with request/response context for inclusion in AI risk assessments.

  5. Sidecar version enforcement

     The connector checks the sidecar's reported version and refuses to operate against an outdated sidecar (minimum 0.1.0).
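The forwarding policy described in the features above (header redaction, minimum sidecar version, fail-closed on unreachable or rejecting sidecar), modelled in Python as an added example; this is not the add-on's own code, and the `/evidence` route, the `{"status": "accepted"}` reply shape and the sensitive-header names beyond Authorization and Cookie are assumptions.

```python
# Added example, not the add-on's code: forwarding policy modelled outside ZAP; endpoint path and reply shape are assumptions.
import json
import urllib.request

SIDECAR_URL = "http://127.0.0.1:17371"  # from the install steps
MIN_SIDECAR_VERSION = (0, 1, 0)         # minimum stated in the features
# Authorization and Cookie are named on the page; the rest are assumptions.
SENSITIVE_HEADERS = {"authorization", "cookie", "set-cookie", "proxy-authorization", "x-api-key"}

class SidecarUnavailable(RuntimeError):
    """Fail closed: raised instead of silently dropping a finding."""

def parse_version(text):
    """Parse 'MAJOR.MINOR.PATCH' into a comparable tuple."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise SidecarUnavailable(f"unparseable sidecar version {text!r}")
    return tuple(int(p) for p in parts)

def check_sidecar_version(reported):
    """Refuse to operate against a sidecar older than the minimum."""
    version = parse_version(reported)
    if version < MIN_SIDECAR_VERSION:
        raise SidecarUnavailable(f"sidecar {reported} is older than 0.1.0")
    return version

def redact_headers(headers):
    """Mask sensitive header values; names match case-insensitively."""
    return {name: "[REDACTED]" if name.lower() in SENSITIVE_HEADERS else value
            for name, value in headers.items()}

def post_json(url, payload):
    """Default transport; /evidence is an assumed sidecar route."""
    req = urllib.request.Request(url + "/evidence", method="POST",
                                 data=json.dumps(payload).encode(),
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=2) as resp:
        return json.loads(resp.read())

def forward_finding(request_headers, response_headers, transport=post_json):
    """Redact, send, and fail closed on transport error or policy rejection."""
    evidence = {"request_headers": redact_headers(request_headers),
                "response_headers": redact_headers(response_headers)}
    try:
        reply = transport(SIDECAR_URL, evidence)
    except (OSError, ValueError) as exc:  # URLError is an OSError subclass
        raise SidecarUnavailable(f"sidecar unreachable: {exc}") from exc
    if reply.get("status") != "accepted":  # assumed reply shape
        raise SidecarUnavailable(f"sidecar rejected finding: {reply}")
    return evidence
```

Pass a fake `transport` callable to exercise the policy without a running sidecar; the default transport posts to the local sidecar address from the install steps.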

Install steps

  1. Acquire the ZAP dependency JARs (zap-2.15.0.jar, paros-2.15.0.jar, jerichohtml-3.4.jar) and place them in `apps/zap-evidence-connector/libs/`.

  2. Build: run `./gradlew build` from `apps/zap-evidence-connector/`.

  3. In ZAP, go to File → Load Add-on and select the JAR from `build/libs/`.

  4. Start the SecEng sidecar (`http://127.0.0.1:17371`) before enabling active scanning.

Capabilities

capture traffic · report finding · attach evidence · export json

Surfaces

passive scanner · sidebar

Scan modes

http_request · http_response

Privacy architecture

Local first

This integration runs 100% in-process using a compiled WASM engine. Text is scanned locally — nothing is transmitted to a server, no analytics, no telemetry. Ideal for regulated environments where data residency and air-gap requirements apply.

Native manifest: zap add-on

Platform vendor

OWASP Foundation

This integration is built by aisecurity.llc and runs natively on OWASP Foundation.

Early access

Get early access — Trust Scanner integrations are in active development

Evidence Connector for OWASP ZAP and all 40 integrations are under active development. Tell us what you need and we'll prioritize your platform.