Top Level Toolbar

This toolbar provides a set of controls for commonly used functionality.

Mode pulldown

This allows you to change the current mode.

  New Session

This button is the same as the File menu 'New Session' menu item.

  Open Session

This button is the same as the File menu 'Open Session' menu item.

  Save Session As

This button is the same as the File menu 'Save As...' menu item.

  Session Properties...

This button is the same as the File menu 'Properties...' menu item.

  Options...

This button is the same as the Tools menu 'Options...' menu item.

  Expand Sites Tab

This changes the display so that the 'tree' window containing the Sites tab extends for the full length of the left hand side.
This will reduce the amount of space available to the 'information' window.

  Expand Information Tabs

This changes the display so that the 'information' window extends for the full length of the bottom.
This will reduce the amount of space available to the 'tree' window.

 /    (Unset) Show / enable fields

When selected this button causes hidden fields to be displayed and disabled fields to be enabled.

 /    Set / Unset break on all requests

This sets and unsets a 'global' break point that will trap and display the next request in the Break tab.
You can then change any part of the request that you want to and send it to the target application by pressing either of the 'Step' or 'Continue' buttons.
Alternatively you can press the 'Drop' button to dispose of the request.

 /    Set / Unset break on all responses

This sets and unsets a 'global' break point that will trap and display the next response in the Break tab.
You can then change any part of the response that you want to and send it to your browser by pressing either of the 'Step' or 'Continue' buttons.
Alternatively you can press the 'Drop' button to dispose of the request.

  Step

This allows the trapped request or response to continue to the application or your browser with any changes that you have made to it.
The 'global' break point will remain set so that the next request or response will also be caught.
This button is only enabled when a request or response is trapped.

  Continue

The 'global' break point will be unset so that subsequent requests and responses will no longer be caught by ZAP unless you have set break points on specific URLs.
This button is only enabled when a request or response is trapped.

  Drop

This drops the trapped request or response so that it is not passed on to the application or your browser.
This button is only enabled when a request or response is trapped.

  Manage Add-ons

This shows the Manage Add-ons dialog which allows you to discover, install and update add-ons from the online marketplace.
It also allows you to uninstall add-ons.

 /    Enable / disable automatic re-authentication

This enables and disables automatic re-authentication.
The button is only enabled when you have defined the Login URL (and associated POST data, if relevant), and either a Logged in or Logged out indicator for at least one session.

See also

    The user interface overview
     Getting Startedfor details of how to start using ZAP
     Dialogsfor details of the dialogs or popups
     Introductionthe introduction to ZAP