Skip to content

Scripting Interface

Jump to bottom
Ailton Caetano edited this page Mar 2, 2015 · 5 revisions

If you want to make a script to help you on your tasks, this is where it all begins.

Below you will find the available methods for each type of script. Note that these are the methods to use in any language you choose (except Zest).

ZAP Packages Index

  • Passive Rules

    • Scripts which run as part of the Passive Scanner and can be individually enabled.

  • Active Rules

    • These run as part of the Active Scanner and can be individually enabled

  • Script Input Vector

  • Fuzz Script

  • Payload

  • Authentication

    • Scripts that are invoked when authentication is performed for a Context. To be used, they need to be selected when configuring the Script-Based Authentication Method for a Context.

  • Proxy

    • Scripts which these run 'inline', can change every request and response and can be individually enabled. They can also trigger break points.

  • Stand Alone

    • Standalone scripts have no template. They are self contained and are only run when your start them manually.

  • Targeted

    • Scripts that invoked with a target URL and are only run when your start them manually.
Clone this wiki locally