I’ve tried to add some pieces of information to Add-on Debugging especially for ascan-rules on this entry.

These steps could be applied to other add-ons. For more details, read the build.xml in zap-extensions.

1. Have both zaproxy and zap-extensions open in Eclipse

2. package and deploy ascan-rules in the zaproxy/src/plugin using the ant build of zap-extensions

   execute the following commands in terminal

   $ cd your/zap-extensions/build
    $ ant -Djavac.debug=true deploy-ascanrules  #compile with debug symbols

3. Refresh the zaproxy project

   • Right click zaproxy project and select ‘Refresh’

4. Build the zaproxy project

   • Right click zaproxy project and select ‘Build Project’

5. Run ZAP in debug mode

6. Put your breakpoint anywhere in the add-on code

7. Execute your scenario

8. When the breakpoint is reached, you may be prompted to define where source are located. Select java project and “zap-extensions”

9. That’s all.