System Installed: Install/Extract ZAP

1. Download ZAP
   

   • ZAP releases can be found here.

   • The .exe of the version (ZAP 2.6.0 Standard) which was used to test this release can be found here.

     Notice: If you're using a weekly release, remember that the weekly releases are removed after a while (there's no fixed schedule for it).

     
     

2. Determine path
   
   • Determine where to keep ZAP, in my case ZAP is located in C:\Development\OWASP\Zed Attack Proxy\2.6.0\

System Installed: Environment Variable

1. Setup your %ZAPROXY_HOME% Environment Variable

   

   Info: Remember to add %ZAPROXY_HOME% to your %PATH%.

   
   

2. Setup your %ZAPROXY_SETTINGS% Environment Variable
   

   

   Info: Remember to add %ZAPROXY_SETTINGS% to your %PATH%.

   Notice: Remember that if you're using a weekly release, %ZAPROXY_SETTINGS% will have a _D appeneded to the folder name.

System Installed: .bat Modification

1. Add %ZAPROXY_HOME%

2. Add double quotes

   Required: The double quotes are mandatory if %ZAPROXY_HOME% has spaces. Otherwise it's an optional addition.

3. Increase allocated RAM 
   • See Database Size Vs. Available Memory.

System Installed: Shortcut (Optional)

Desktop shortcut

Create a shortcut to %COMSPEC% /k cd %HOMEDRIVE%%HOMEPATH% && "%ZAPROXY_HOME%\zap.bat" -installdir "%ZAPROXY_HOME%" .

System Installed: Job Configuration

1. Select System Installed
    
2. Specify ZAP Home
    
3. Specify Initialization Timeout
    
4. Add ZAP command line options
    

   • Please see HelpCmdline for more information.

     Notice: Adding ZAP command line options can interfere with other UI option of the plugin. USE WITH CAUTION.

     Notice: The only required command line option is installdir as indicated above. If %ZAPROXY_HOME% contains spaces in the path, remember to use double quotes as indicated in the illustration above.