Skip to content
Installing ZAProxy on Linux

Manually installing OWASP ZAP on Linux

Published by tomkraz on 8 February 2023

OWASP ZAP or ZAProxy is a great tool. Unfortunately after I installed it via snap it was not at the latest version. So I decided to do it manually and document my progress. So here we go, manually installing OWASP Zap on Linux

I am using Ubuntu, but the process will work for any modern Linux System. Before I get to manually installing OWASP Zap there are a few steps to consider.

If you are not really a reading type of person, then this is your lucky day. I created a video.

Watch on youtube!

Getting the software

Installing Java

To begin we have to install java (openjdk). The very latest version of openjdk can be used.

In the terminal type

sudo apt update
apt-cache search openjdk-.*-jdk"
Available packages

The results from apt-cache search openjdk will list all the versions of jdk available. In my case the latest version was “openjdk-19-jdk, so lets install it. 

sudo apt install openjdk-19-jdk

installing java
Installing Openjdk

Installing ZAP

Its my experience that the repos do not always have the latest version of the ZAProxy software so I recommend going to the source and downloading it. Grab the latest version from the ZAProxy website.

selecting a package
Download Options

For this I downloaded the “Linux Package”. Once download you can extract the archive into a folder of your choice. I used a directory called “zaproxy” in my home folder.

Once downloaded, right click and select “Open with Archive Manager”

Extract file
Open with Archive Manager

Select the ZAP folder and click the Extract button

extract file
Select the folder

Choose the destination folder and click the extract button.

Select destination folder

You should get the below message. Click on the “Show the Files”

Extraction Completed

The file browser will open and you will see the ZAP folder.

Zap folder

Double click it and you will see the files.

starting zaproxy
ZAProxy files

Now you have ZAProxy extracted you can run it from this folder all the time. Either from the file Browser or from the command line.

ZAProxy First run

Launching ZAProxy

The important file here is the file called “zap.sh”. This will launch the software. So select and right click it to open the context menu. Then click “Run as Program”

Manually Installing ZAProxy on Linux

A terminal will open and ZAProxy will launch.

Launching ZAProxy

For now Select “No, I do not want to persist this session at this moment in time”. Then click start.

ZAProxy automatically checks the status of its plugins on launch and if this is the first run then quite a few of them will be out of date. You will be presented with the “Manage Add-ons” page. Just click “Update All” to proceed with the latest version of the plugins.

Update all the plugins

The ZAProxy interface.

ZAProxy

Further Reading

So now we have our first run of OWASP Zap we have a few more things to do before we can fully use it into our work flow.

Wrap Up

I hope you got some value from manually installing Zap on Linux and if you need to leave me some feed back you can find me on twitter.

Links

Published inIT & SecurityLinux

Comments are closed.