Have you ever wondered how you can use the internal scripting engine of #OWASP #ZAP as part of your #Pentest / #RedTeam workflow?

When I tried using it to perform authenticated scans of an API, I found that there was very little documentation, so my colleague Rebecca and I decided to write up the process in the #secureCodeBox blog, with an example for implementing and configuring the #OIDC / #OAuth Client Credential flow. We also describe how the finished script can be integrated into your #secureCodeBox workflows. Give it a read here: https://www.securecodebox.io/blog/2023/09/01/automate-zap-with-authentication
