Zap-api-python - Browser-based Authentication

[Diogo Silva]

Good evening, I'm trying to automate the scanning process of a web application. My difficulty lies in the fact that I may have very different applications. For applications that require a login, is it possible to automate the authentication process using zap-api-python? I've watched the videos about Automation Framework, using Browser-based Authentication, but I'm developing a system in Python and I'd like to understand if it's possible to do it that way. I don't need it to work on all applications, covering the majority is sufficient for my work. Looking forward to your response. Best regards, Diogo Moreira

[Diogo Silva]

My doubt arises from the fact that I have to develop an academic project, which consists of a Python system, to integrate with a system previously developed, with the aim of adding the functionality to automate the detection of vulnerabilities in web applications.

My system should not require any configuration from the end user, other than providing a username and password in case the application being analyzed has a login option and the user desires a more comprehensive analysis. It will be something that runs in the background, and for example, once a day, it will analyze the application or list of applications provided by the user.

With that said, I would like to understand if anyone has any suggestions on how to proceed.

Thank you.