NAV Navbar
python java shell

Introduction

Overview

Welcome to ZAP API Documentation! The OWASP Zed Attack Proxy (ZAP) is one of the world's most popular free security tools which lets you automatically find security vulnerabilities in your applications. ZAP also has an extremely powerful API that allows you to do nearly everything that is possible via the desktop interface. This allows the developers to automate pentesting and security regression testing of the application in the CI/CD pipeline.

This document provides example guides & API definitions for ZAP APIs. You can view code examples in the dark area to the right; switch the programming language of the examples with the tabs on the top right. If anything is missing or seems incorrect, please check the FAQs or the GitHub issues for existing known issues. Also, if you are new to ZAP, then check out the getting started guide to learn the basic concepts behind ZAP.

The following are some of the features provided by ZAP:

Have a look at the examples below to learn how to use each of these features via ZAP API.

Documentation Structure

The API documentation is divided into eight main sections.

Basics on the API Request

ZAP APIs provide access to most of the core features of ZAP such as the active scanner and spider. ZAP API is enabled by default in the daemon mode and the desktop mode. If you are using ZAP desktop, then the API can be configured by visiting the following screen:

Tools -> Options -> API.

zap_desktop_api

Please note that not all the operations which are available in the desktop interface are available via the APIs. Future versions of ZAP will increase the functionality/scope available via the APIs.

API URL Format

The API is available via GET and POST endpoints and the response is available in JSON, XML, HTML, and OTHER (custom formats, e.g. HAR) formats. All the response formats return the same information, just in a different format. Based on the use case, choose the appropriate format. For example, to generate easily readable reports use the HTML format and use XML/JSON based response to parse the results quickly.

The following example shows the API URL format of ZAP:

http://zap/<format>/<component>/<operation>/<operation name>[/?<parameters>]

The format can be either JSON, XML or HTML. The operation can be either view or action or other. The view operation is used to return information and the action is used to control ZAP. For example, views can be used to generated reports or retrieve results and action can be used to start or stop the Spider. The components, operation names and parameters can all be discovered by browsing the API Catalogue.

Access the API

The REST API can be accessed directly or via one of the client implementations detailed below.
A simple web UI is also available to explore and use the APIs via the browser. This web UI can be accessed via http://zap/ when you are proxying through ZAP, or via the host and port ZAP is listening on, e.g. http://localhost:8080/.

zap_api_ui

By default only the machine ZAP is running on is able to access the APIs. You can allow other machines, that are able to use ZAP as a proxy, access to the API.

Client SDKs

API clients are available for the following languages:

Language Download links Notes
.NET NuGet Official API
Java GitHub Maven Central Official API
Node.js NPM Official API
PHP GitHub Packagist In process of becoming an official API
Python PyPI Official API
Ruby GitHub

Quick Setup Guide

The quick setup guide focuses on setting up ZAP and a testing application. If you have already setup ZAP then Jump to specific example to experiment with specific features.

Start ZAP

# For Linux, Option: 1, using "headless/daemon" mode
<ZAP_HOME>./zap.sh -daemon -config api.key=change-me-9203935709
# For Linux, Option: 2, using ZAP desktop App
<ZAP_HOME>./zap.sh

# For Windows, Run the exe file or zap.bat script to start ZAP
// For Linux, Option: 1, using "headless/daemon" mode
<ZAP_HOME>./zap.sh -daemon -config api.key=change-me-9203935709
// For Linux, Option: 2, using ZAP desktop App
<ZAP_HOME>./zap.sh

// For Windows, Run the exe file or zap.bat script to start ZAP
# For Linux, Option: 1, using "headless/daemon" mode
$ <ZAP_HOME>./zap.sh -daemon -config api.key=change-me-9203935709
# For Linux, Option: 2, using ZAP desktop App
$ <ZAP_HOME>./zap.sh 

# For Windows, Run the exe file or zap.bat script to start ZAP

To install ZAP, go to ZAP's home page and download the installer specific to the operating system. After extracting the bundle you can start ZAP by issuing the following command shown in the right column.

The API key must be specified on all API actions and some other operations. The API key is used to prevent malicious sites from accessing ZAP API.

Setup a Testing Application

If you already have a website to scan or to perform security testing, then obtain the URL/IP of the application to begin the scanning. The example guide uses Google's Firing Range and OWASP Juice Shop to perform the security testing. The Spidering and Attacking examples use the public instance of the Firing Range, and OWASP Juice Shop are used to showcase the Authentication examples of ZAP.

The following is a list of publicly available vulnerable applications that you can also used in conjunction with ZAP.

Getting Help

All available APIs are documented in the API Catalogue. If you are new to ZAP, then it's highly recommended that you experiment with the desktop UI before trying out the APIs. Because ZAP's APIs strongly resemble the desktop UI. Therefore by working with the UI, you will get a good understanding on how to orchestrate ZAP's APIs. Also, use the export config functionality from the desktop UI to export complex configurations such as contexts, scan policies, etc. Then use the exported configurations when creating the automation scripts.

ZAP has a very friendly and active developer community. Always feel free to raise a question in the ZAP users forum or Stack Overflow for issues related to ZAP. Also, use the ZAP's GitHub repository to raise a bug report or to make any feature requests.

Stay tuned on twitter @zaproxy.

Exploring the App

In order to expose content and functionality for ZAP to test the target the application should be explored before performing any scan or attack. The more you explore your App the more accurate the results will be. If the application is not explored very well then it will impact or reduce the vulnerabilities ZAP can find.

The following are some of the options to explore the site by using ZAP. You can use multiple approaches in a combination to get more complete coverage of the application.

Using Spider

#!/usr/bin/env python
import time
from zapv2 import ZAPv2

# The URL of the application to be tested
target = 'https://public-firing-range.appspot.com'
# Change to match the API key set in ZAP, or use None if the API key is disabled
apiKey = 'changeMe'

# By default ZAP API client will connect to port 8080
zap = ZAPv2(apikey=apiKey)
# Use the line below if ZAP is not listening on port 8080, for example, if listening on port 8090
# zap = ZAPv2(apikey=apikey, proxies={'http': 'http://127.0.0.1:8090', 'https': 'http://127.0.0.1:8090'})

print('Spidering target {}'.format(target))
# The scan returns a scan id to support concurrent scanning
scanID = zap.spider.scan(target)
while int(zap.spider.status(scanID)) < 100:
    # Poll the status until it completes
    print('Spider progress %: {}'.format(zap.spider.status(scanID)))
    time.sleep(1)

print('Spider has completed!')
# Prints the URLs the spider has crawled
print('\n'.join(map(str, zap.spider.results(scanID))))
# If required post process the spider results

# TODO: Explore the Application more with Ajax Spider or Start scanning the application for vulnerabilities
public class Spider {

    private static final String ZAP_ADDRESS = "localhost";
    private static final int ZAP_PORT = 8080;
    // Change to match the API key set in ZAP, or use NULL if the API key is disabled
    private static final String ZAP_API_KEY = "change me";
    // The URL of the application to be tested
    private static final String TARGET = "https://public-firing-range.appspot.com";

    public static void main(String[] args) {
        ClientApi api = new ClientApi(ZAP_ADDRESS, ZAP_PORT, ZAP_API_KEY);

        try {
            // Start spidering the target
            System.out.println("Spidering target : " + TARGET);
            ApiResponse resp = api.spider.scan(TARGET, null, null, null, null);
            String scanID;
            int progress;

            // The scan returns a scan id to support concurrent scanning
            scanID = ((ApiResponseElement) resp).getValue();
            // Poll the status until it completes
            while (true) {
                Thread.sleep(1000);
                progress = Integer.parseInt(((ApiResponseElement) api.spider.status(scanID)).getValue());
                System.out.println("Spider progress : " + progress + "%");
                if (progress >= 100) {
                    break;
                }
            }
            System.out.println("Spider completed");
            // If required post process the spider results
            List<ApiResponse> spiderResults = ((ApiResponseList) api.spider.results(scanID)).getItems();

            // TODO: Explore the Application more with Ajax Spider or Start scanning the application for vulnerabilities

        } catch (Exception e) {
            System.out.println("Exception : " + e.getMessage());
            e.printStackTrace();
        }
    }
}
# To start the Spider scan (Response: Scan ID). Modify the API Key and URL to suite the target
$ curl "http://localhost:8080/JSON/spider/action/scan/?apikey=<ZAP_API_KEY>&url=https://public-firing-range.appspot.com&contextName=&recurse="

# To view the scan status/ percentage of work done
$ curl "http://localhost:8080/JSON/spider/view/status/?apikey=<ZAP_API_KEY>&scanId=<SCAN_ID>"

# To view the scan results
$ curl "http://localhost:8080/JSON/spider/view/results/?apikey=<ZAP_API_KEY>&scanId=<SCAN_ID>"

# To stop the scanning
$ curl "http://localhost:8080/JSON/spider/action/stop/?apikey=<ZAP_API_KEY>&scanId=<SCAN_ID>"
# To pause the scanning
$ curl "http://localhost:8080/JSON/spider/action/pause/?apikey=<ZAP_API_KEY>&scanId=<SCAN_ID>"
# To resume the scanning
$ curl "http://localhost:8080/JSON/spider/action/resume/?apikey=<ZAP_API_KEY>&scanId=<SCAN_ID>"

The Spider is a tool that is used to automatically discover new resources (URLs) on a particular site. It begins with a list of URLs to visit, called the seeds, which depends on how the Spider is started. The Spider then visits these URLs, it identifies all the hyperlinks in the page and adds them to the list of URLs to visit, and the process continues recursively as long as new resources are found. Each response type is processed differently in ZAP. All the available endpoints for the spider can be found in spider section.

Start the Spider

The Spiders explore the site and they don't actually do any scanning. The resources crawled by the Spider(s) are passively scanned in the background via the Passive Scanner. The scan API runs the spider against the given URL. Optionally, the 'maxChildren' parameter can be set to limit the number of children scanned and the 'recurse' parameter can be used to prevent the spider from seeding recursively. The parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'URL'). The parameter 'contextName' can be used to constrain the scan to a Context. View the context example to understand how to create a context with ZAP API.

The code sample on the right recursively scans the application with the provided URL. The scan ID is returned as a response when starting the Spider. Use this scan ID to perform any additional actions or to retrieve any views from the Spider API.

View Status

The spider scan is a async request and the time to complete the task will vary depending on the complexity of the web application. The scan ID returned via starting the spider should be used to obtain the results of the crawling. Execute the status API to get the status/percentage of work done by the Spider.

View Spider Results

The results of the crawling can be obtained via the results API. The following image shows the JSON sample response provided by the results API, listing all the resources crawled by Spider.

spider results

Stop or Pause the Spider

If the scanning takes more time than expected you can stop or pause the scanning via using the stop or pause APIs. Additional APIs are available in the API Catalogue to pause or resume or to stop All the scanning processes.

The advanced section on Spider contains more examples on how to tweak/improve the Spider results.

Using Ajax Spider

#!/usr/bin/env python
import time
from zapv2 import ZAPv2

# The URL of the application to be tested
target = 'https://public-firing-range.appspot.com'
# Change to match the API key set in ZAP, or use None if the API key is disabled
apiKey = 'changeme'

# By default ZAP API client will connect to port 8080
zap = ZAPv2(apikey=apiKey)
# Use the line below if ZAP is not listening on port 8080, for example, if listening on port 8090
# zap = ZAPv2(apikey=apikey, proxies={'http': 'http://127.0.0.1:8090', 'https': 'http://127.0.0.1:8090'})

print('Ajax Spider target {}'.format(target))
scanID = zap.ajaxSpider.scan(target)

timeout = time.time() + 60*2   # 2 minutes from now
# Loop until the ajax spider has finished or the timeout has exceeded
while zap.ajaxSpider.status == 'running':
    if time.time() > timeout:
        break
    print('Ajax Spider status' + zap.ajaxSpider.status)
    time.sleep(2)

print('Ajax Spider completed')
ajaxResults = zap.ajaxSpider.results(start=0, count=10)
# If required perform additional operations with the Ajax Spider results

# TODO: Start scanning the application to find vulnerabilities
public class AjaxSpider {

    private static final int ZAP_PORT = 8080;
    private static final String ZAP_API_KEY = null;
    private static final String ZAP_ADDRESS = "localhost";
    private static final String TARGET = "https://public-firing-range.appspot.com";

    public static void main(String[] args) {
        // Create the ZAP Client
        ClientApi api = new ClientApi(ZAP_ADDRESS, ZAP_PORT, ZAP_API_KEY);

        try {
            // Start spidering the target
            System.out.println("Ajax Spider target : " + TARGET);
            ApiResponse resp = api.ajaxSpider.scan(TARGET, null, null, null);
            String status;

            long startTime = System.currentTimeMillis();
            long timeout = TimeUnit.MINUTES.toMillis(2); // Two minutes in milli seconds
            // Loop until the ajax spider has finished or the timeout has exceeded
            while (true) {
                Thread.sleep(2000);
                status = (((ApiResponseElement) api.ajaxSpider.status()).getValue());
                System.out.println("Spider status : " + status);
                if (!("stopped".equals(status)) || (System.currentTimeMillis() - startTime) < timeout) {
                    break;
                }
            }
            System.out.println("Ajax Spider completed");
            // Perform additional operations with the Ajax Spider results
            List<ApiResponse> ajaxSpiderResponse = ((ApiResponseList) api.ajaxSpider.results("0", "10")).getItems();

            // TODO: Start scanning(passive/active scan) the application to find vulnerabilities

        } catch (Exception e) {
            System.out.println("Exception : " + e.getMessage());
            e.printStackTrace();
        }
    }
}
# To start the Ajax Spider
$ curl "http://localhost:8080/JSON/AjaxSpider/action/scan/?apikey=<ZAP_API_KEY>&url=<URL>&inScope=&contextName=&subtreeOnly="

# To view the status
$ curl "http://localhost:8080/JSON/AjaxSpider/view/status/?apikey=<ZAP_API_KEY>"

# To view the number of results
$ curl "http://localhost:8080/JSON/AjaxSpider/view/numberOfResults/?apikey=<ZAP_API_KEY>"

# To view the results
$ curl "http://localhost:8080/JSON/AjaxSpider/view/fullResults/?apikey=<ZAP_API_KEY>"

# To stop the Ajax Spider
$ curl "http://localhost:8080/JSON/AjaxSpider/action/stop/?apikey=<ZAP_API_KEY>"

Use the Ajax Spider if you have applications which heavily depend on Ajax or JavaScript. The Ajax Spider allows you to crawl web applications written in Ajax in far more depth than the traditional Spider.You should also use the traditional Spider as well for complete coverage of a application (e.g. to cover HTML comments).

Start Ajax Spider

The scan API starts the Ajax Spider based on a given URL. Similar to the Traditional Spider, Ajax Spider can be also limited to a context or scope. The parameter 'contextName' can be used to constrain the scan to a Context, the option 'inScope' is ignored if a context was also specified. The parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'URL').

View Status

Unlike the traditional Spider, Ajax Spider does not provide a percentage for the work to be done. Use the status endpoint to identify whether the Ajax Spider is still active or finished.

View Results

Similar to the Traditional Spider, the Ajax Spider's results API can be used to view the resources which are crawled by the Ajax Spider. The following image shows a sample response given by the API.

ajax_spider_results

Stop the Ajax Spider

Ajax spider does not have an indication on how much resources are left to be crawled. Therefore if the Ajax spider takes too much time than expected, then it can be stopped by using the stop API.

View the advanced section on Ajax Spider to learn more about how to further fine-tune the results of the Ajax Spider.

Attacking the App

The application should be explored before starting to scan for security vulnerabilities. If you haven't done that look at the explore section on how to explore the web application. The following section provides examples on how to use the Passive and Active Scanner to find security vulnerabilities in the application.

Using Passive Scan

public class PassiveScan {

    private static final int ZAP_PORT = 8080;
    private static final String ZAP_API_KEY = null;
    private static final String ZAP_ADDRESS = "localhost";

    public static void main(String[] args) {
        ClientApi api = new ClientApi(ZAP_ADDRESS, ZAP_PORT, ZAP_API_KEY);
        int numberOfRecords;

        try {
            // TODO : explore the app (Spider, etc) before using the Passive Scan API, Refer the explore section for details
            // Loop until the ajax spider has finished or the timeout has exceeded
            while (true) {
                Thread.sleep(2000);
                api.pscan.recordsToScan();
                numberOfRecords = Integer.parseInt(((ApiResponseElement) api.pscan.recordsToScan()).getValue());
                System.out.println("Number of records left for scanning : " + numberOfRecords);
                if (numberOfRecords == 0) {
                    break;
                }
            }
            System.out.println("Passive Scan completed");

            // Print Passive scan results/alerts
            System.out.println("Alerts:");
            System.out.println(new String(api.core.xmlreport(), StandardCharsets.UTF_8));

        } catch (Exception e) {
            System.out.println("Exception : " + e.getMessage());
            e.printStackTrace();
        }
    }
}
#!/usr/bin/env python
import time
from pprint import pprint
from zapv2 import ZAPv2

apiKey = 'changeme'
target = 'https://public-firing-range.appspot.com'
zap = ZAPv2(apikey=apiKey, proxies={'http': 'http://127.0.0.1:8080', 'https': 'http://127.0.0.1:8080'})

# TODO : explore the app (Spider, etc) before using the Passive Scan API, Refer the explore section for details
while int(zap.pscan.records_to_scan) > 0:
    # Loop until the ajax spider has finished or the timeout has exceeded
    print('Records to passive scan : ' + zap.pscan.records_to_scan)
    time.sleep(2)

print('Passive Scan completed')

# Print Passive scan results/alerts
print('Hosts: {}'.format(', '.join(zap.core.hosts)))
print('Alerts: ')
pprint(zap.core.alerts())
# To view the number of records left to be scanned
$ curl "http://localhost:8080/JSON/pscan/view/recordsToScan/?apikey=<ZAP_API_KEY>"

# To view the alerts of passive scan
$ curl "http://localhost:8080/JSON/core/view/alerts/?apikey=<ZAP_API_KEY>&baseurl=<TARGET_URL>&start=0&count=10"

All requests that are proxied through ZAP or initialised by tools like the Spider are passively scanned. You do not have to manually start the passive scan process, ZAP by default passively scans all HTTP and WebSocket messages (requests and responses)
which are sent to the application.

Passive scanning does not change the requests nor the responses in any way and is therefore safe to use. This is good for finding problems like missing security headers or missing anti CSRF tokens but is no good for finding vulnerabilities like XSS which require malicious requests to be sent - that's the job of the active scanner.

View the Status

As the records are passively scanned it will take additional time to complete the full scan. After the crawling is completed use the recordsToScan API to obtain the number of records left to be scanned. After the scanning has completed the alerts can be obtained via the alerts endpoint(s).

View the advanced section to know how to configure additional parameters of Passive Scan.

Using Active Scan

Active scanning attempts to find potential vulnerabilities by using known attacks against the selected targets. Active scanning is an attack on those targets. You should NOT use it on applications that you do not own.

Start Active Scanner

public class ActiveScan {

    private static final int ZAP_PORT = 8080;
    private static final String ZAP_API_KEY = null;
    private static final String ZAP_ADDRESS = "localhost";
    private static final String TARGET = "https://public-firing-range.appspot.com";

    public static void main(String[] args) {

        ClientApi api = new ClientApi(ZAP_ADDRESS, ZAP_PORT, ZAP_API_KEY);

        try {
            // TODO : explore the app (Spider, etc) before using the Active Scan API, Refer the explore section
            System.out.println("Active Scanning target : " + TARGET);
            ApiResponse resp = api.ascan.scan(TARGET, "True", "False", null, null, null);
            String scanid;
            int progress;

            // The scan now returns a scan id to support concurrent scanning
            scanid = ((ApiResponseElement) resp).getValue();
            // Poll the status until it completes
            while (true) {
                Thread.sleep(5000);
                progress =
                        Integer.parseInt(
                                ((ApiResponseElement) api.ascan.status(scanid)).getValue());
                System.out.println("Active Scan progress : " + progress + "%");
                if (progress >= 100) {
                    break;
                }
            }

            System.out.println("Active Scan complete");
            // Print vulnerabilities found by the scanning
            System.out.println("Alerts:");
            System.out.println(new String(api.core.xmlreport(), StandardCharsets.UTF_8));

        } catch (Exception e) {
            System.out.println("Exception : " + e.getMessage());
            e.printStackTrace();
        }
    }
}
#!/usr/bin/env python
import time
from pprint import pprint
from zapv2 import ZAPv2

apiKey = 'changeme'
target = 'https://public-firing-range.appspot.com'
zap = ZAPv2(apikey=apiKey, proxies={'http': 'http://127.0.0.1:8080', 'https': 'http://127.0.0.1:8080'})

# TODO : explore the app (Spider, etc) before using the Active Scan API, Refer the explore section
print('Active Scanning target {}'.format(target))
scanID = zap.ascan.scan(target)
while int(zap.ascan.status(scanID)) < 100:
    # Loop until the scanner has finished
    print('Scan progress %: {}'.format(zap.ascan.status(scanID)))
    time.sleep(5)

print('Active Scan completed')
# Print vulnerabilities found by the scanning
print('Hosts: {}'.format(', '.join(zap.core.hosts)))
print('Alerts: ')
pprint(zap.core.alerts(baseurl=target))
# To start the the active scan
$ curl "http://localhost:8080/JSON/ascan/action/scan/?apikey=<ZAP_API_KEY>&url=<TARGET_URL>&recurse=true&inScopeOnly=&scanPolicyName=&method=&postData=&contextId="

# To view the the status of active scan
$ curl "http://localhost:8080/JSON/ascan/view/status/?apikey=<ZAP_API_KEY>&scanId=<SCAN_ID>"

# To view the alerts of active scan
$ curl "http://localhost:8080/JSON/core/view/alerts/?apikey=<ZAP_API_KEY>&baseurl=<TARGET_URL>&start=0&count=10"

# To stop the active scan
$ curl "http://localhost:8080/JSON/ascan/action/stop/?apikey=<ZAP_API_KEY>&scanId=<SCAN_ID>"

The scan endpoint runs the active scanner against the given URL or Context. Optionally, the 'recurse' parameter can be used to scan URLs under the given URL, the parameter 'inScopeOnly' can be used to constrain the scan to URLs that are in scope (ignored if a Context is specified). The parameter 'scanPolicyName' allows to specify the scan policy (if none is given it uses the default scan policy). The parameters 'method' and 'postData' allow to select a given request in conjunction with the given URL.

View advanced settings to learn, how to configure the context, scope, and scan policy with ZAP APIs.

View Status

The status API provides the percentage of scanning done by the active scanner. The scan ID returned via starting the Active Scan should be used to query the status of the scanner.

View Results

Similar to the passive scan results, the active scan results can be viewed using the same alerts endpoint(s). The alerts endpoint(s) will show the consolidated results of Passive and Active Scan.

Stop Active Scanning

Use the stop API to stop a long running active scan. Optionally you can use the stopAllScans endpoints or pause endpoint to stop and pause the active scanning.

It should be noted that active scanning can only find certain types of vulnerabilities. Logical vulnerabilities, such as broken access control, will not be found by any active or automated vulnerability scanning. Manual penetration testing should always be performed in addition to active scanning to find all types of vulnerabilities.

Getting the Results

#!/usr/bin/env python
from zapv2 import ZAPv2

# The URL of the application to be tested
target = 'https://public-firing-range.appspot.com'
# Change to match the API key set in ZAP, or use None if the API key is disabled
apiKey = 'changeMe'

# By default ZAP API client will connect to port 8080
zap = ZAPv2(apikey=apiKey)
# Use the line below if ZAP is not listening on port 8080, for example, if listening on port 8090
# zap = ZAPv2(apikey=apikey, proxies={'http': 'http://127.0.0.1:8090', 'https': 'http://127.0.0.1:8090'})

# TODO: Check if the scanning has completed

# Retrieve the alerts using paging in case there are lots of them
st = 0
pg = 5000
alert_dict = {}
alert_count = 0
alerts = zap.alert.alerts(baseurl=target, start=st, count=pg)
blacklist = [1,2]
while len(alerts) > 0:
    print('Reading ' + str(pg) + ' alerts from ' + str(st))
    alert_count += len(alerts)
    for alert in alerts:
        plugin_id = alert.get('pluginId')
        if plugin_id in blacklist:
            continue
        if alert.get('risk') == 'High':
            # Trigger any relevant postprocessing
            continue
        if alert.get('risk') == 'Informational':
            # Ignore all info alerts - some of them may have been downgraded by security annotations
            continue
    st += pg
    alerts = zap.alert.alerts(start=st, count=pg)
print('Total number of alerts: ' + str(alert_count))
public class Alerts {

    private static final String ZAP_ADDRESS = "localhost";
    private static final int ZAP_PORT = 8080;
    // Change to match the API key set in ZAP, or use NULL if the API key is disabled
    private static final String ZAP_API_KEY = "change me";
    // The URL of the application to be tested
    private static final String TARGET = "https://public-firing-range.appspot.com";

    private static List<String> blackListPlugins = Arrays.asList("1000", "1025");


    public static void main(String[] args) {
        ClientApi api = new ClientApi(ZAP_ADDRESS, ZAP_PORT, ZAP_API_KEY);

        try {
            // TODO: Check if the scanning has completed

            // Retrieve the alerts using paging in case there are lots of them
            int start = 0;
            int count = 5000;
            int alertCount = 0;
            ApiResponse resp = api.alert.alerts(TARGET, String.valueOf(start), String.valueOf(count), null);

            while (((ApiResponseList) resp).getItems().size() != 0) {
                System.out.println("Reading " + count + " alerts from " + start);
                alertCount += ((ApiResponseList) resp).getItems().size();

                for (ApiResponse l : (((ApiResponseList) resp).getItems())) {

                    Map<String, ApiResponse> element = ((ApiResponseSet) l).getValuesMap();
                    if (blackListPlugins.contains(element.get("pluginId").toString())) {
                        // TODO: Trigger any relevant postprocessing
                    } else if ("High".equals(element.get("risk").toString())) {
                        // TODO: Trigger any relevant postprocessing
                    } else if ("Informational".equals(element.get("risk").toString())) {
                        // TODO: Ignore all info alerts - some of them may have been downgraded by security annotations
                    }
                }
                start += count;
                resp = api.alert.alerts(TARGET, String.valueOf(start), String.valueOf(count), null);
            }
            System.out.println("Total number of Alerts: " + alertCount);

        } catch (Exception e) {
            System.out.println("Exception : " + e.getMessage());
            e.printStackTrace();
        }
    }
}
# To view the alerts
$ curl "http://localhost:8080/JSON/alert/view/alerts/?apikey=<ZAP_API_KEY>&baseurl=<BASE_URL>&start=0&count=5000&riskId="

# To view the summary of the alerts
$ curl "http://localhost:8080/JSON/alert/view/alertsSummary/?apikey=<ZAP_API_KEY>baseurl=<BASE_URL>"

# To view alerts by risk category
$ curl "http://localhost:8080/JSON/alert/view/alertsByRisk/?apikey=<ZAP_API_KEY>&url=<BASE_URL>&recurse="

After the scanning (Active/Passive) completes, ZAP provides the security vulnerabilities in the form of alerts. The alerts are categorized into high-priority, medium-priority, low-priority and informational priority risks. The priority indicates the degree of risk associated with each alert. For example, a high priority risk means that the issues listed in that category has more threat or risk potential than a medium-priority alert.

The alerts endpoint provides all the alerts which are identified by ZAP. View the sample code on the right to retrieve the alerts from the alerts endpoint. The results can be used to raise security alerts in the CI/CD pipeline or to trigger any custom workflows.

alert_sample

The alerts summary gets the number of alerts grouped by each risk level and optionally filtering by URL. A Summary report can be also generated using the core module. Use the htmlreport or jsonreport or xmlreport endpoint to generate this summary report. The following image shows the report generated via the HTML report API. The report categories the alerts to risk level and provides a brief description about each alert.

html report

Getting Authenticated

The target application for testing might have a portion of the functionality that is only available for a logged-in user. In order to get full test coverage of the application you need to test the application with a logged-in user as well. Therefore it's very important to understand how to perform authenticated scans with ZAP. ZAP has several means to authenticate your application and keep track of the authentication state. The following are some of the options available for authentication with ZAP.

The examples below show three authentication workflows. A simple form-based authentication is showcased with the use of the Bodgeit application. The second example shows the script-based authentication using the Damn Vulnerable Web Application(DVWA). The third example shows a more complicated authentication workflow using the JSON and script-based authentication using the OWASP Juice Shop.

General Steps

The following are the general steps when configuring the application authentication with ZAP.

Step 1. Define a context

Contexts are a way of relating a set of URLs together. The URLs are defined as a set of regular expressions (regex). You should include the target application inside the context. The unwanted URLs such as the logout page, password change functionality should be added to the exclude in context section.

Step 2. Set the authentication mechanism

Choose the appropriate login mechanism for your application. If your application supports a simple form-based login, then choose the form-based authentication method. For complex login workflows, you can use the script-based login to define custom authentication workflows.

Step 3. Define your auth parameters

In general, you need to provide the settings on how to communicate to the authentication service of your application. In general, the settings would include the login URL and payload format (username & password). The required parameters will be different for different authentication methods.

Step 4. Set relevant logged in/out indicators

ZAP additionally needs hints to identify whether the application is authenticated or not. To verify the authentication status, ZAP supports logged in/out regexes. These are regex patterns that you should configure to match strings in the responses which indicate if the user is logged in or logged out.

Step 5. Add a valid user and password

Add a user account (an existing user in your application) with valid credentials in ZAP. You can create multiple users if your application exposes different functionality based on user roles. Additionally, you should also set valid session management when configuring the authentication for your application. Currently, ZAP supports cookie-based session management and HTTP authentication based session management.

Step 6. Enable forced user mode (Optional)

Now enable the Forceduseroff "Forced User Mode disabled - click to enable" button. Pressing this button will cause ZAP to resend the authentication request whenever it detects that the user is no longer logged in, ie by using the 'logged in' or 'logged out' indicator. But the forced used mode is ignored for scans that already have a user set.

Form Based Authentication

#!/usr/bin/env python
import urllib.parse
from zapv2 import ZAPv2

context_id = 1
apiKey = 'changeMe'
context_name = 'Default Context'
target_url = 'http://localhost:8090/bodgeit'

# By default ZAP API client will connect to port 8080
zap = ZAPv2(apikey=apiKey)


# Use the line below if ZAP is not listening on port 8080, for example, if listening on port 8090
# zap = ZAPv2(apikey=apikey, proxies={'http': 'http://127.0.0.1:8090', 'https': 'http://127.0.0.1:8090'})

def set_include_in_context():
    exclude_url = 'http://localhost:8090/bodgeit/logout.jsp'
    include_url = 'http://localhost:8090/bodgeit.*'
    zap.context.include_in_context(context_name, include_url, apiKey)
    zap.context.exclude_from_context(context_name, exclude_url, apiKey)
    print('Configured include and exclude regex(s) in context')


def set_logged_in_indicator():
    logged_in_regex = '\Q<a href="logout.jsp">Logout</a>\E'
    zap.authentication.set_logged_in_indicator(context_id, logged_in_regex, apiKey)
    print('Configured logged in indicator regex: ')


def set_form_based_auth():
    login_url = 'http://localhost:8090/bodgeit/login.jsp'
    login_request_data = 'username={%username%}&password={%password%}'
    form_based_config = 'loginUrl=' + urllib.parse.quote(login_url) + '&loginRequestData=' + urllib.parse.quote(login_request_data)
    zap.authentication.set_authentication_method(context_id, 'formBasedAuthentication', form_based_config, apiKey)
    print('Configured form based authentication')


def set_user_auth_config():
    user = 'Test User'
    username = '[email protected]'
    password = 'weakPassword'

    user_id = zap.users.new_user(context_id, user, apiKey)
    user_auth_config = 'username=' + urllib.parse.quote(username) + '&password=' + urllib.parse.quote(password)
    zap.users.set_authentication_credentials(context_id, user_id, user_auth_config, apiKey)
    zap.users.set_user_enabled(context_id, user_id, 'true', apiKey)
    zap.forcedUser.set_forced_user(context_id, user_id, apiKey)
    zap.forcedUser.set_forced_user_mode_enabled('true', apiKey)
    print('User Auth Configured')
    return user_id


def start_spider(user_id):
    zap.spider.scan_as_user(context_id, user_id, target_url, recurse='true')
    print('Started Scanning with Authentication')


set_include_in_context()
set_form_based_auth()
set_logged_in_indicator()
user_id_response = set_user_auth_config()
start_spider(user_id_response)

public class FormAuth {

    private static final String ZAP_ADDRESS = "localhost";
    private static final int ZAP_PORT = 8080;
    private static final String ZAP_API_KEY = null;
    private static final String contextId = "1";
    private static final String contextName = "Default Context";
    private static final String target = "http://localhost:8090/bodgeit";

    private static void setIncludeAndExcludeInContext(ClientApi clientApi) throws UnsupportedEncodingException, ClientApiException {
        String includeInContext = "http://localhost:8090/bodgeit.*";
        String excludeInContext = "http://localhost:8090/bodgeit/logout.jsp";

        clientApi.context.includeInContext(contextName, includeInContext);
        clientApi.context.excludeFromContext(contextName, excludeInContext);
    }


    private static void setLoggedInIndicator(ClientApi clientApi) throws UnsupportedEncodingException, ClientApiException {
        // Prepare values to set, with the logged in indicator as a regex matching the logout link
        String loggedInIndicator = "<a href=\"logout.jsp\">Logout</a>";

        // Actually set the logged in indicator
        clientApi.authentication.setLoggedInIndicator(ZAP_API_KEY, contextId, java.util.regex.Pattern.quote(loggedInIndicator));

        // Check out the logged in indicator that is set
        System.out.println("Configured logged in indicator regex: "
                + ((ApiResponseElement) clientApi.authentication.getLoggedInIndicator(contextId)).getValue());
    }

    private static void setFormBasedAuthenticationForBodgeit(ClientApi clientApi) throws ClientApiException,
            UnsupportedEncodingException {
        // Setup the authentication method

        String loginUrl = "http://localhost:8090/bodgeit/login.jsp";
        String loginRequestData = "username={%username%}&password={%password%}";

        // Prepare the configuration in a format similar to how URL parameters are formed. This
        // means that any value we add for the configuration values has to be URL encoded.
        StringBuilder formBasedConfig = new StringBuilder();
        formBasedConfig.append("loginUrl=").append(URLEncoder.encode(loginUrl, "UTF-8"));
        formBasedConfig.append("&loginRequestData=").append(URLEncoder.encode(loginRequestData, "UTF-8"));

        System.out.println("Setting form based authentication configuration as: "
                + formBasedConfig.toString());
        clientApi.authentication.setAuthenticationMethod(ZAP_API_KEY, contextId, "formBasedAuthentication",
                formBasedConfig.toString());

        // Check if everything is set up ok
        System.out
                .println("Authentication config: " + clientApi.authentication.getAuthenticationMethod(contextId).toString(0));
    }

    private static String setUserAuthConfigForBodgeit(ClientApi clientApi) throws ClientApiException, UnsupportedEncodingException {
        // Prepare info
        String user = "Test User";
        String username = "[email protected]";
        String password = "weakPassword";

        // Make sure we have at least one user
        String userId = extractUserId(clientApi.users.newUser(ZAP_API_KEY, contextId, user));

        // Prepare the configuration in a format similar to how URL parameters are formed. This
        // means that any value we add for the configuration values has to be URL encoded.
        StringBuilder userAuthConfig = new StringBuilder();
        userAuthConfig.append("username=").append(URLEncoder.encode(username, "UTF-8"));
        userAuthConfig.append("&password=").append(URLEncoder.encode(password, "UTF-8"));

        System.out.println("Setting user authentication configuration as: " + userAuthConfig.toString());
        clientApi.users.setAuthenticationCredentials(ZAP_API_KEY, contextId, userId, userAuthConfig.toString());
        clientApi.users.setUserEnabled(contextId, userId, "true");
        clientApi.forcedUser.setForcedUser(contextId, userId);
        clientApi.forcedUser.setForcedUserModeEnabled(true);

        // Check if everything is set up ok
        System.out.println("Authentication config: " + clientApi.users.getUserById(contextId, userId).toString(0));
        return userId;
    }

    private static String extractUserId(ApiResponse response) {
        return ((ApiResponseElement) response).getValue();
    }

    private static void scanAsUser(ClientApi clientApi, String userId) throws ClientApiException {
        clientApi.spider.scanAsUser(contextId, userId, target, null, "true", null);
    }

    /**
     * The main method.
     *
     * @param args the arguments
     * @throws ClientApiException
     * @throws UnsupportedEncodingException
     */
    public static void main(String[] args) throws ClientApiException, UnsupportedEncodingException {
        ClientApi clientApi = new ClientApi(ZAP_ADDRESS, ZAP_PORT);

        setIncludeAndExcludeInContext(clientApi);
        setFormBasedAuthenticationForBodgeit(clientApi);
        setLoggedInIndicator(clientApi);
        String userId = setUserAuthConfigForBodgeit(clientApi);
        scanAsUser(clientApi, userId);
    }
}
# To include in default context
curl 'http://localhost:8080/JSON/context/action/includeInContext/?contextName=Default+Context&regex=http%3A%2F%2Flocalhost%3A8090%2Fbodgeit.*'

# Set login details (URL Endoded)
curl 'http://localhost:8080/JSON/authentication/action/setAuthenticationMethod/?contextId=1&authMethodName=formBasedAuthentication&authMethodConfigParams=loginUrl%3Dhttp%3A%2F%2Flocalhost%3A8090%2Fbodgeit%2Flogin.jsp%26loginRequestData%3Dusername%253D%257B%2525username%2525%257D%2526password%253D%257B%2525password%2525%257D'

# To set the login indicator
curl 'http://localhost:8080/JSON/authentication/action/setLoggedInIndicator/?contextId=1&loggedInIndicatorRegex=%5CQ%3Ca+href%3D%22logout.jsp%22%3ELogout%3C%2Fa%3E%5CE'

# To create a user (The first user id is: 0)
curl 'http://localhost:8080/JSON/users/action/newUser/?contextId=1&name=Test+User'

# To add the credentials for the user
curl 'http://localhost:8080/JSON/users/action/setAuthenticationCredentials/?contextId=1&userId=0&authCredentialsConfigParams=username%3Dtest%40example.com%26password%3DweakPassword'

# To enable the user
curl 'http://localhost:8080/JSON/users/action/setUserEnabled/?contextId=1&userId=0&enabled=true'

# To set forced user
curl 'http://localhost:8080/JSON/forcedUser/action/setForcedUser/?contextId=1&userId=0'

# To enable forced user mode
curl 'http://localhost:8080/JSON/forcedUser/action/setForcedUserModeEnabled/?boolean=true'

The following example performs a simple form-based authentication using the Bodgeit vulnerable application. It's recommended that you configure the authentication via the desktop UI before attempting the APIs.

Setup Target Application

Bodgeit uses a simple form-based authentication to authenticate the users to the application. Use the following command to start a docker instance of the Bodgeit application: docker run --rm -p 8090:8080 -i -t psiinon/bodgeit

Register a User

Register a user in the application by navigating to the following URL: http://localhost:8090/bodgeit/register.jsp. For the purpose of this example, use the following credentials.

Login

After registering the user, browse (proxied via ZAP) to the following URL (http://localhost:8090/bodgeit/login.jsp), and log in to the application. When you log in to the application, the request will be added to the History tab in ZAP. Search for the POST request to the following URL: http://localhost:8090/bodgeit/login.jsp. Right-click on the post request, and select Flag as Context -> Default Context : Form based Login Request option. This will open the context authentication editor. You can notice it has auto-selected the form-based authentication, auto-filled the login URL, and the post data. Select the correct form parameter as the username and password in the dropdown and click Ok.

Now you need to inform ZAP whether the application is logged in or out. The Bodgeit application includes the logout URL <a href="logout.jsp">Logout</a> as the successful response. You can view this by navigating to the response tab of the login request. Highlight the text and right click and select the Flag as Context -> Default Context, Loggedin Indicator option. This will autofill the regex needed for the login indicator. The following image shows the completed set up for the authentication tab of the context menu.

auth

Now let's add the user credentials by going to the context -> users -> Add section. After adding the credentials, enable the Forceduseroff "Forced User" mode in the desktop UI to forcefully authenticate the user prior to the testing of the application.

Now let's test the authentication by performing an authenticated Spidering with ZAP. To accomplish this, go to the Spider and select the default context and the test user to perform the authentication. After this, you should see the Spider crawling all the protected resources.

Steps to Reproduce via API

If you have configured the authentication via the desktop UI, then export the context and import it using the importContext API. Otherwise follow the steps below to configure the authentication setting for the context.

Include in Context

Inorder to proceed with authentication, the URL of the application should be added to the context. As the Bodgit is available via http://localhost:8090/bodgeit use the includeInContext API to add the URL to a context.

Set Authentication Method

Use the setAuthenticationMethod to set up the authentication method and the configuration parameters. The setAuthenticationMethod takes contextId, authMethodName, and authMethodConfigParams as parameters. As Bodgeit uses the form-based authentication, use formBasedAuthentication for the authMethodName and use the contextID from Step 1 as the contextId parameter.

The authMethodConfigParams requires the loginUrl and loginRequestData. Therefore you should set the values to authMethodConfigParams in the following format:

authMethodConfigParams : loginUrl=http://localhost:8090/bodgeit/login.jsp&loginRequestData=username%3D%7B%25username%25%7D%26password%3D%7B%25password%25%7D

The values for authMethodConfigParams parameters must be URL encoded, in this case loginRequestData is username={%username%}&password={%password%}.

Set Login and Logout Indicators

Use the setLoggedOutIndicator to set the logout indicators of the application. The Following is the regex command to match the successful response with the Bodgeit application. \Q<a href=\"logout.jsp\"></a>\E

Create User and Enable Forced User Mode

Now add the user credentials via the setAuthenticationCredentials API and use the SetForcedUserModeEnabled to enable the forced user mode in ZAP.

Advanced Settings

The following section shows advanced configurations of the APIs.

Spider Settings

The following image shows the advanced configurations tab of Spider in the desktop UI.

spider_advanced

Use the setOptionMaxDepth to set the maximum depth the spider can crawl, where 0 refers to unlimited depth. The setOptionMaxChildren sets the maximum number of child nodes (per node) that can be crawled, where 0 means no limit. The setOptionMaxDuration API can be used to set the maximum duration the Spider will run. Use the setOptionMaxParseSizeBytes to limit the amount of data parsed by the spider. This allows the spider to skip big responses/files.

View the Spider section in the API Catalogue for additional APIs.

Ajax Spider Settings

The following image shows the advanced configurations tab of Ajax Spider in the desktop UI.

ajax_spider_advanced

Similar to the Spider API, the Ajax spider also provides APIs to set the maximum depth, crawl state, and maximum duration.

Passive Scan Settings

The scanning rules can be enabled/disabled using the enableScanners and disableScanners API. Also use the setScanOnlyInScope API to limit the passive scanning to a scope. View the advanced section to learn how to configure a context or scope using ZAP APIs.

Passive scanning can also be used to automatically add tags and raise alerts for potential issues. A set of rules for automatic tagging are provided by default. These can be changed, deleted or added to via the Options Passive Scan Tags Screen.

Active Scan Settings

Content in progress!

Contributions Welcome!

Contributions are welcome! There are many ways you can contribute to OWASP ZAP, both as a user and as a developer.

1. Creating High-level API/Automation Docs

Create high level docs or example guides on how to use the APIs to perform any action/view with ZAP. The source files for the ZAP API documentation is hosted on GitHub. The repository is available at Github. The source files are in Markdown (md) format.

2. REST API Documentation

ZAP's rest API is documented using the OpenAPI specification. The specification could be improved by enhancing the description of parameters/ results/ data types etc. The open API specification is available via GitHub.

3. Feature Documentation

Feature documentation related to ZAP is available on ZAP wiki, ZAP user guide, and ZAP extensions repositories.

How to Contribute

The ZAP API documentation is developed according to the docs as code philosophy. The most direct and effective way to contribute to the docs is to submit a pull request(PR) or raise an issue in the GitHub repository containing the docs content that you want to change.

There are 2 different workflows which you can use to make changes or PRs. Use what you are most comfortable with!

1. "Edit this File on GitHub"

You can edit the documentation in the browser via navigating to the relevant source file and clicking the edit this file button. This workflow is recommended for minor changes. For example correcting typos/spellings/grammar etc. For extensive changes, please use the local setup and editing option.

2. Local Setup and Editing

You can fork the repository on GitHub and submit the changes via pull requests. Please see the local setup for API docs section to setup and render the docs locally.

Local Setup for API Docs

ZAP uses git for its code repository. To submit a documentation update, use the following steps:

1. Clone the ZAP Docs repository: git clone https://github.com/zaproxy/zap-api-docs

2. Navigate to the cloned repository: cd zap-api-docs

3. Use the following guide to install Ruby

4. To install the dependencies: $ bundle install

5. To start the server: $ bundle exec middleman server

Documentation Style

This style guide provides a set of editorial guidelines for anyone writing documentation for OWASP ZAP.

General Guidelines

Language and Grammar

Formatting

Punctuation

Markdown Syntax

The API docs are created using standard markdown files. This section contains information regarding the syntax and linting of the Markdown files. Refer to the Slate documentation. Also refer to this document to properly lint the Markdown files.

Writing Code

Inline Code

Put `backticks` around the following symbols when used in text:

Code Block

Use three back ticks to open and close a code block. Specify the programming language after the first backtick group. The documentation currently supports python, java, and shell languages.

code_example

API Catalogue

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

The HTTP API for controlling and accessing ZAP.

Base URLs:

Email: OWASP ZAP User Group Web: OWASP ZAP User Group License: Apache 2.0

Authentication

alert

alertViewAlert

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/view/alert/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/view/alert/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/view/alert/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/view/alert/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/alert/view/alert/

Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method

Parameters

Name In Type Required Description
id query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

alertViewAlerts

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/view/alerts/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/view/alerts/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/view/alerts/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/view/alerts/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/alert/view/alerts/

Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts

Parameters

Name In Type Required Description
baseurl query string false none
start query integer false none
count query integer false none
riskId query string false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

alertViewAlertsSummary

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/view/alertsSummary/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/view/alertsSummary/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/view/alertsSummary/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/view/alertsSummary/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/alert/view/alertsSummary/

Gets number of alerts grouped by each risk level, optionally filtering by URL

Parameters

Name In Type Required Description
baseurl query string false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

alertViewNumberOfAlerts

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/view/numberOfAlerts/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/view/numberOfAlerts/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/view/numberOfAlerts/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/view/numberOfAlerts/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/alert/view/numberOfAlerts/

Gets the number of alerts, optionally filtering by URL or riskId

Parameters

Name In Type Required Description
baseurl query string false none
riskId query string false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

alertViewAlertsByRisk

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/view/alertsByRisk/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/view/alertsByRisk/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/view/alertsByRisk/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/view/alertsByRisk/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/alert/view/alertsByRisk/

Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url' (ignoring url parameters)

Parameters

Name In Type Required Description
url query string false none
recurse query boolean false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

alertViewAlertCountsByRisk

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/view/alertCountsByRisk/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/view/alertCountsByRisk/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/view/alertCountsByRisk/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/view/alertCountsByRisk/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/alert/view/alertCountsByRisk/

Gets a count of the alerts, optionally filtered as per alertsPerRisk

Parameters

Name In Type Required Description
url query string false none
recurse query boolean false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

alertActionDeleteAllAlerts

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/action/deleteAllAlerts/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/action/deleteAllAlerts/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/action/deleteAllAlerts/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/action/deleteAllAlerts/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/alert/action/deleteAllAlerts/

Deletes all alerts of the current session.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

alertActionDeleteAlert

Code samples

# You can also use wget
curl -X GET http://zap/JSON/alert/action/deleteAlert/?id=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/alert/action/deleteAlert/?id=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/alert/action/deleteAlert/', params={
  'id': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/alert/action/deleteAlert/',
  params: {
  'id' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/alert/action/deleteAlert/

Deletes the alert with the given ID.

Parameters

Name In Type Required Description
id query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

acsrf

acsrfViewOptionTokensNames

Code samples

# You can also use wget
curl -X GET http://zap/JSON/acsrf/view/optionTokensNames/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/acsrf/view/optionTokensNames/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/acsrf/view/optionTokensNames/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/acsrf/view/optionTokensNames/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/acsrf/view/optionTokensNames/

Lists the names of all anti-CSRF tokens

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

acsrfActionAddOptionToken

Code samples

# You can also use wget
curl -X GET http://zap/JSON/acsrf/action/addOptionToken/?String=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/acsrf/action/addOptionToken/?String=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/acsrf/action/addOptionToken/', params={
  'String': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/acsrf/action/addOptionToken/',
  params: {
  'String' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/acsrf/action/addOptionToken/

Adds an anti-CSRF token with the given name, enabled by default

Parameters

Name In Type Required Description
String query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

acsrfActionRemoveOptionToken

Code samples

# You can also use wget
curl -X GET http://zap/JSON/acsrf/action/removeOptionToken/?String=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/acsrf/action/removeOptionToken/?String=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/acsrf/action/removeOptionToken/', params={
  'String': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/acsrf/action/removeOptionToken/',
  params: {
  'String' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/acsrf/action/removeOptionToken/

Removes the anti-CSRF token with the given name

Parameters

Name In Type Required Description
String query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

acsrfOtherGenForm

Code samples

# You can also use wget
curl -X GET http://zap/OTHER/acsrf/other/genForm/?hrefId=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/OTHER/acsrf/other/genForm/?hrefId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/OTHER/acsrf/other/genForm/', params={
  'hrefId': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/OTHER/acsrf/other/genForm/',
  params: {
  'hrefId' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /OTHER/acsrf/other/genForm/

Generate a form for testing lack of anti-CSRF tokens - typically invoked via ZAP

Parameters

Name In Type Required Description
hrefId query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscan

pscanViewScanOnlyInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/view/scanOnlyInScope/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/view/scanOnlyInScope/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/view/scanOnlyInScope/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/view/scanOnlyInScope/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/pscan/view/scanOnlyInScope/

Tells whether or not the passive scan should be performed only on messages that are in scope.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanViewRecordsToScan

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/view/recordsToScan/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/view/recordsToScan/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/view/recordsToScan/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/view/recordsToScan/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/pscan/view/recordsToScan/

The number of records the passive scanner still has to scan

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanViewScanners

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/view/scanners/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/view/scanners/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/view/scanners/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/view/scanners/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/pscan/view/scanners/

Lists all passive scanners with its ID, name, enabled state and alert threshold.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanViewCurrentRule

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/view/currentRule/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/view/currentRule/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/view/currentRule/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/view/currentRule/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/pscan/view/currentRule/

Show information about the passive scan rule currently being run (if any).

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanViewMaxAlertsPerRule

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/view/maxAlertsPerRule/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/view/maxAlertsPerRule/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/view/maxAlertsPerRule/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/view/maxAlertsPerRule/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/pscan/view/maxAlertsPerRule/

Gets the maximum number of alerts a passive scan rule should raise.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionSetEnabled

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/setEnabled/?enabled=true \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/setEnabled/?enabled=true");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/setEnabled/', params={
  'enabled': 'true'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/setEnabled/',
  params: {
  'enabled' => 'boolean'
}, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/setEnabled/

Sets whether or not the passive scanning is enabled (Note: the enabled state is not persisted).

Parameters

Name In Type Required Description
enabled query boolean true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionSetScanOnlyInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/setScanOnlyInScope/?onlyInScope=true \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/setScanOnlyInScope/?onlyInScope=true");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/setScanOnlyInScope/', params={
  'onlyInScope': 'true'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/setScanOnlyInScope/',
  params: {
  'onlyInScope' => 'boolean'
}, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/setScanOnlyInScope/

Sets whether or not the passive scan should be performed only on messages that are in scope.

Parameters

Name In Type Required Description
onlyInScope query boolean true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionEnableAllScanners

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/enableAllScanners/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/enableAllScanners/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/enableAllScanners/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/enableAllScanners/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/enableAllScanners/

Enables all passive scanners

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionDisableAllScanners

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/disableAllScanners/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/disableAllScanners/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/disableAllScanners/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/disableAllScanners/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/disableAllScanners/

Disables all passive scanners

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionEnableScanners

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/enableScanners/?ids=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/enableScanners/?ids=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/enableScanners/', params={
  'ids': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/enableScanners/',
  params: {
  'ids' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/enableScanners/

Enables all passive scanners with the given IDs (comma separated list of IDs)

Parameters

Name In Type Required Description
ids query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionDisableScanners

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/disableScanners/?ids=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/disableScanners/?ids=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/disableScanners/', params={
  'ids': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/disableScanners/',
  params: {
  'ids' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/disableScanners/

Disables all passive scanners with the given IDs (comma separated list of IDs)

Parameters

Name In Type Required Description
ids query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionSetScannerAlertThreshold

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/setScannerAlertThreshold/?id=0&alertThreshold=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/setScannerAlertThreshold/?id=0&alertThreshold=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/setScannerAlertThreshold/', params={
  'id': '0',  'alertThreshold': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/setScannerAlertThreshold/',
  params: {
  'id' => 'integer',
'alertThreshold' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/setScannerAlertThreshold/

Sets the alert threshold of the passive scanner with the given ID, accepted values for alert threshold: OFF, DEFAULT, LOW, MEDIUM and HIGH

Parameters

Name In Type Required Description
id query integer true none
alertThreshold query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

pscanActionSetMaxAlertsPerRule

Code samples

# You can also use wget
curl -X GET http://zap/JSON/pscan/action/setMaxAlertsPerRule/?maxAlerts=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/pscan/action/setMaxAlertsPerRule/?maxAlerts=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/pscan/action/setMaxAlertsPerRule/', params={
  'maxAlerts': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/pscan/action/setMaxAlertsPerRule/',
  params: {
  'maxAlerts' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/pscan/action/setMaxAlertsPerRule/

Sets the maximum number of alerts a passive scan rule should raise.

Parameters

Name In Type Required Description
maxAlerts query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

search

searchViewUrlsByUrlRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/urlsByUrlRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/urlsByUrlRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/urlsByUrlRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/urlsByUrlRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/urlsByUrlRegex/

Returns the URLs of the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchViewUrlsByRequestRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/urlsByRequestRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/urlsByRequestRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/urlsByRequestRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/urlsByRequestRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/urlsByRequestRegex/

Returns the URLs of the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchViewUrlsByResponseRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/urlsByResponseRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/urlsByResponseRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/urlsByResponseRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/urlsByResponseRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/urlsByResponseRegex/

Returns the URLs of the HTTP messages that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchViewUrlsByHeaderRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/urlsByHeaderRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/urlsByHeaderRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/urlsByHeaderRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/urlsByHeaderRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/urlsByHeaderRegex/

Returns the URLs of the HTTP messages that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchViewMessagesByUrlRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/messagesByUrlRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/messagesByUrlRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/messagesByUrlRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/messagesByUrlRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/messagesByUrlRegex/

Returns the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchViewMessagesByRequestRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/messagesByRequestRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/messagesByRequestRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/messagesByRequestRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/messagesByRequestRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/messagesByRequestRegex/

Returns the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchViewMessagesByResponseRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/messagesByResponseRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/messagesByResponseRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/messagesByResponseRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/messagesByResponseRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/messagesByResponseRegex/

Returns the HTTP messages that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchViewMessagesByHeaderRegex

Code samples

# You can also use wget
curl -X GET http://zap/JSON/search/view/messagesByHeaderRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/search/view/messagesByHeaderRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/search/view/messagesByHeaderRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/search/view/messagesByHeaderRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/search/view/messagesByHeaderRegex/

Returns the HTTP messages that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchOtherHarByUrlRegex

Code samples

# You can also use wget
curl -X GET http://zap/OTHER/search/other/harByUrlRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/OTHER/search/other/harByUrlRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/OTHER/search/other/harByUrlRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/OTHER/search/other/harByUrlRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /OTHER/search/other/harByUrlRegex/

Returns the HTTP messages, in HAR format, that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchOtherHarByRequestRegex

Code samples

# You can also use wget
curl -X GET http://zap/OTHER/search/other/harByRequestRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/OTHER/search/other/harByRequestRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/OTHER/search/other/harByRequestRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/OTHER/search/other/harByRequestRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /OTHER/search/other/harByRequestRegex/

Returns the HTTP messages, in HAR format, that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchOtherHarByResponseRegex

Code samples

# You can also use wget
curl -X GET http://zap/OTHER/search/other/harByResponseRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/OTHER/search/other/harByResponseRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/OTHER/search/other/harByResponseRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/OTHER/search/other/harByResponseRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /OTHER/search/other/harByResponseRegex/

Returns the HTTP messages, in HAR format, that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

searchOtherHarByHeaderRegex

Code samples

# You can also use wget
curl -X GET http://zap/OTHER/search/other/harByHeaderRegex/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/OTHER/search/other/harByHeaderRegex/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/OTHER/search/other/harByHeaderRegex/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/OTHER/search/other/harByHeaderRegex/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /OTHER/search/other/harByHeaderRegex/

Returns the HTTP messages, in HAR format, that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages.

Parameters

Name In Type Required Description
regex query string true none
baseurl query string false none
start query integer false none
count query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdate

autoupdateViewLatestVersionNumber

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/latestVersionNumber/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/latestVersionNumber/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/latestVersionNumber/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/latestVersionNumber/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/latestVersionNumber/

Returns the latest version number

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewIsLatestVersion

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/isLatestVersion/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/isLatestVersion/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/isLatestVersion/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/isLatestVersion/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/isLatestVersion/

Returns 'true' if ZAP is on the latest version

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewInstalledAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/installedAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/installedAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/installedAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/installedAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/installedAddons/

Return a list of all of the installed add-ons

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewLocalAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/localAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/localAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/localAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/localAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/localAddons/

Returns a list with all local add-ons, installed or not.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewNewAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/newAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/newAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/newAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/newAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/newAddons/

Return a list of any add-ons that have been added to the Marketplace since the last check for updates

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewUpdatedAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/updatedAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/updatedAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/updatedAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/updatedAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/updatedAddons/

Return a list of any add-ons that have been changed in the Marketplace since the last check for updates

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewMarketplaceAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/marketplaceAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/marketplaceAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/marketplaceAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/marketplaceAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/marketplaceAddons/

Return a list of all of the add-ons on the ZAP Marketplace (this information is read once and then cached)

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionAddonDirectories

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionAddonDirectories/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionAddonDirectories/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionAddonDirectories/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionAddonDirectories/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionAddonDirectories/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionDayLastChecked

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionDayLastChecked/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionDayLastChecked/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionDayLastChecked/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionDayLastChecked/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionDayLastChecked/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionDayLastInstallWarned

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionDayLastInstallWarned/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionDayLastInstallWarned/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionDayLastInstallWarned/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionDayLastInstallWarned/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionDayLastInstallWarned/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionDayLastUpdateWarned

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionDayLastUpdateWarned/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionDayLastUpdateWarned/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionDayLastUpdateWarned/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionDayLastUpdateWarned/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionDayLastUpdateWarned/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionDownloadDirectory

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionDownloadDirectory/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionDownloadDirectory/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionDownloadDirectory/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionDownloadDirectory/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionDownloadDirectory/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionCheckAddonUpdates

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionCheckAddonUpdates/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionCheckAddonUpdates/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionCheckAddonUpdates/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionCheckAddonUpdates/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionCheckAddonUpdates/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionCheckOnStart

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionCheckOnStart/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionCheckOnStart/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionCheckOnStart/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionCheckOnStart/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionCheckOnStart/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionDownloadNewRelease

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionDownloadNewRelease/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionDownloadNewRelease/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionDownloadNewRelease/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionDownloadNewRelease/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionDownloadNewRelease/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionInstallAddonUpdates

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionInstallAddonUpdates/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionInstallAddonUpdates/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionInstallAddonUpdates/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionInstallAddonUpdates/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionInstallAddonUpdates/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionInstallScannerRules

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionInstallScannerRules/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionInstallScannerRules/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionInstallScannerRules/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionInstallScannerRules/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionInstallScannerRules/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionReportAlphaAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionReportAlphaAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionReportAlphaAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionReportAlphaAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionReportAlphaAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionReportAlphaAddons/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionReportBetaAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionReportBetaAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionReportBetaAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionReportBetaAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionReportBetaAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionReportBetaAddons/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateViewOptionReportReleaseAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/view/optionReportReleaseAddons/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/view/optionReportReleaseAddons/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/view/optionReportReleaseAddons/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/view/optionReportReleaseAddons/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/view/optionReportReleaseAddons/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionDownloadLatestRelease

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/downloadLatestRelease/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/downloadLatestRelease/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/downloadLatestRelease/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/downloadLatestRelease/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/downloadLatestRelease/

Downloads the latest release, if any

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionInstallAddon

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/installAddon/?id=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/installAddon/?id=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/installAddon/', params={
  'id': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/installAddon/',
  params: {
  'id' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/installAddon/

Installs or updates the specified add-on, returning when complete (ie not asynchronously)

Parameters

Name In Type Required Description
id query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionInstallLocalAddon

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/installLocalAddon/?file=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/installLocalAddon/?file=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/installLocalAddon/', params={
  'file': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/installLocalAddon/',
  params: {
  'file' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/installLocalAddon/

Parameters

Name In Type Required Description
file query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionUninstallAddon

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/uninstallAddon/?id=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/uninstallAddon/?id=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/uninstallAddon/', params={
  'id': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/uninstallAddon/',
  params: {
  'id' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/uninstallAddon/

Uninstalls the specified add-on

Parameters

Name In Type Required Description
id query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionCheckAddonUpdates

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionCheckAddonUpdates/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionCheckAddonUpdates/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionCheckAddonUpdates/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionCheckAddonUpdates/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionCheckAddonUpdates/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionCheckOnStart

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionCheckOnStart/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionCheckOnStart/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionCheckOnStart/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionCheckOnStart/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionCheckOnStart/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionDownloadNewRelease

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionDownloadNewRelease/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionDownloadNewRelease/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionDownloadNewRelease/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionDownloadNewRelease/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionDownloadNewRelease/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionInstallAddonUpdates

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionInstallAddonUpdates/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionInstallAddonUpdates/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionInstallAddonUpdates/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionInstallAddonUpdates/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionInstallAddonUpdates/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionInstallScannerRules

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionInstallScannerRules/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionInstallScannerRules/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionInstallScannerRules/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionInstallScannerRules/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionInstallScannerRules/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionReportAlphaAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionReportAlphaAddons/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionReportAlphaAddons/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionReportAlphaAddons/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionReportAlphaAddons/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionReportAlphaAddons/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionReportBetaAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionReportBetaAddons/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionReportBetaAddons/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionReportBetaAddons/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionReportBetaAddons/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionReportBetaAddons/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

autoupdateActionSetOptionReportReleaseAddons

Code samples

# You can also use wget
curl -X GET http://zap/JSON/autoupdate/action/setOptionReportReleaseAddons/?Boolean=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/autoupdate/action/setOptionReportReleaseAddons/?Boolean=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/autoupdate/action/setOptionReportReleaseAddons/', params={
  'Boolean': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/autoupdate/action/setOptionReportReleaseAddons/',
  params: {
  'Boolean' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/autoupdate/action/setOptionReportReleaseAddons/

Parameters

Name In Type Required Description
Boolean query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spider

spiderViewStatus

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/status/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/status/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/status/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/status/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/status/

Parameters

Name In Type Required Description
scanId query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewResults

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/results/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/results/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/results/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/results/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/results/

Parameters

Name In Type Required Description
scanId query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewFullResults

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/fullResults/?scanId=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/fullResults/?scanId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/fullResults/', params={
  'scanId': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/fullResults/',
  params: {
  'scanId' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/fullResults/

Parameters

Name In Type Required Description
scanId query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewScans

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/scans/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/scans/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/scans/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/scans/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/scans/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewExcludedFromScan

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/excludedFromScan/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/excludedFromScan/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/excludedFromScan/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/excludedFromScan/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/excludedFromScan/

Gets the regexes of URLs excluded from the spider scans.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewAllUrls

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/allUrls/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/allUrls/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/allUrls/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/allUrls/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/allUrls/

Returns a list of unique URLs from the history table based on HTTP messages added by the Spider.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewAddedNodes

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/addedNodes/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/addedNodes/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/addedNodes/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/addedNodes/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/addedNodes/

Returns a list of the names of the nodes added to the Sites tree by the specified scan.

Parameters

Name In Type Required Description
scanId query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewDomainsAlwaysInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/domainsAlwaysInScope/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/domainsAlwaysInScope/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/domainsAlwaysInScope/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/domainsAlwaysInScope/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/domainsAlwaysInScope/

Gets all the domains that are always in scope. For each domain the following are shown: the index, the value (domain), if enabled, and if specified as a regex.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionDomainsAlwaysInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionDomainsAlwaysInScope/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionDomainsAlwaysInScope/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionDomainsAlwaysInScope/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionDomainsAlwaysInScope/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionDomainsAlwaysInScope/

Use view domainsAlwaysInScope instead.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionDomainsAlwaysInScopeEnabled

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionDomainsAlwaysInScopeEnabled/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionDomainsAlwaysInScopeEnabled/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionDomainsAlwaysInScopeEnabled/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionDomainsAlwaysInScopeEnabled/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionDomainsAlwaysInScopeEnabled/

Use view domainsAlwaysInScope instead.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionHandleParameters

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionHandleParameters/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionHandleParameters/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionHandleParameters/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionHandleParameters/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionHandleParameters/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionMaxChildren

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionMaxChildren/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionMaxChildren/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionMaxChildren/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionMaxChildren/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionMaxChildren/

Gets the maximum number of child nodes (per node) that can be crawled, 0 means no limit.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionMaxDepth

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionMaxDepth/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionMaxDepth/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionMaxDepth/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionMaxDepth/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionMaxDepth/

Gets the maximum depth the spider can crawl, 0 if unlimited.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionMaxDuration

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionMaxDuration/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionMaxDuration/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionMaxDuration/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionMaxDuration/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionMaxDuration/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionMaxParseSizeBytes

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionMaxParseSizeBytes/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionMaxParseSizeBytes/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionMaxParseSizeBytes/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionMaxParseSizeBytes/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionMaxParseSizeBytes/

Gets the maximum size, in bytes, that a response might have to be parsed.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionMaxScansInUI

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionMaxScansInUI/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionMaxScansInUI/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionMaxScansInUI/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionMaxScansInUI/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionMaxScansInUI/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionRequestWaitTime

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionRequestWaitTime/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionRequestWaitTime/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionRequestWaitTime/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionRequestWaitTime/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionRequestWaitTime/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionScope/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionScope/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionScope/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionScope/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionScope/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionScopeText

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionScopeText/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionScopeText/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionScopeText/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionScopeText/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionScopeText/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionSkipURLString

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionSkipURLString/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionSkipURLString/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionSkipURLString/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionSkipURLString/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionSkipURLString/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionThreadCount

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionThreadCount/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionThreadCount/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionThreadCount/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionThreadCount/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionThreadCount/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionUserAgent

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionUserAgent/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionUserAgent/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionUserAgent/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionUserAgent/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionUserAgent/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionAcceptCookies

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionAcceptCookies/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionAcceptCookies/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionAcceptCookies/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionAcceptCookies/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionAcceptCookies/

Gets whether or not a spider process should accept cookies while spidering.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionHandleODataParametersVisited

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionHandleODataParametersVisited/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionHandleODataParametersVisited/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionHandleODataParametersVisited/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionHandleODataParametersVisited/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionHandleODataParametersVisited/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionParseComments

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionParseComments/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionParseComments/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionParseComments/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionParseComments/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionParseComments/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionParseGit

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionParseGit/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionParseGit/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionParseGit/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionParseGit/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionParseGit/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionParseRobotsTxt

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionParseRobotsTxt/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionParseRobotsTxt/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionParseRobotsTxt/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionParseRobotsTxt/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionParseRobotsTxt/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionParseSVNEntries

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionParseSVNEntries/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionParseSVNEntries/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionParseSVNEntries/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionParseSVNEntries/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionParseSVNEntries/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionParseSitemapXml

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionParseSitemapXml/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionParseSitemapXml/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionParseSitemapXml/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionParseSitemapXml/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionParseSitemapXml/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionPostForm

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionPostForm/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionPostForm/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionPostForm/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionPostForm/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionPostForm/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionProcessForm

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionProcessForm/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionProcessForm/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionProcessForm/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionProcessForm/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionProcessForm/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionSendRefererHeader

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionSendRefererHeader/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionSendRefererHeader/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionSendRefererHeader/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionSendRefererHeader/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionSendRefererHeader/

Gets whether or not the 'Referer' header should be sent while spidering.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderViewOptionShowAdvancedDialog

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/view/optionShowAdvancedDialog/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/view/optionShowAdvancedDialog/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/view/optionShowAdvancedDialog/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/view/optionShowAdvancedDialog/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/view/optionShowAdvancedDialog/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionScan

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/scan/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/scan/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/scan/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/scan/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/scan/

Runs the spider against the given URL (or context). Optionally, the 'maxChildren' parameter can be set to limit the number of children scanned, the 'recurse' parameter can be used to prevent the spider from seeding recursively, the parameter 'contextName' can be used to constrain the scan to a Context and the parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'url').

Parameters

Name In Type Required Description
url query string false none
maxChildren query integer false none
recurse query boolean false none
contextName query string false none
subtreeOnly query boolean false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionScanAsUser

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/scanAsUser/?contextId=0&userId=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/scanAsUser/?contextId=0&userId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/scanAsUser/', params={
  'contextId': '0',  'userId': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/scanAsUser/',
  params: {
  'contextId' => 'integer',
'userId' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/scanAsUser/

Runs the spider from the perspective of a User, obtained using the given Context ID and User ID. See 'scan' action for more details.

Parameters

Name In Type Required Description
contextId query integer true none
userId query integer true none
url query string false none
maxChildren query integer false none
recurse query boolean false none
subtreeOnly query boolean false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionPause

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/pause/?scanId=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/pause/?scanId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/pause/', params={
  'scanId': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/pause/',
  params: {
  'scanId' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/pause/

Parameters

Name In Type Required Description
scanId query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionResume

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/resume/?scanId=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/resume/?scanId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/resume/', params={
  'scanId': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/resume/',
  params: {
  'scanId' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/resume/

Parameters

Name In Type Required Description
scanId query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionStop

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/stop/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/stop/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/stop/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/stop/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/stop/

Parameters

Name In Type Required Description
scanId query integer false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionRemoveScan

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/removeScan/?scanId=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/removeScan/?scanId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/removeScan/', params={
  'scanId': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/removeScan/',
  params: {
  'scanId' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/removeScan/

Parameters

Name In Type Required Description
scanId query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionPauseAllScans

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/pauseAllScans/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/pauseAllScans/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/pauseAllScans/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/pauseAllScans/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/pauseAllScans/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionResumeAllScans

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/resumeAllScans/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/resumeAllScans/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/resumeAllScans/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/resumeAllScans/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/resumeAllScans/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionStopAllScans

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/stopAllScans/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/stopAllScans/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/stopAllScans/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/stopAllScans/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/stopAllScans/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionRemoveAllScans

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/removeAllScans/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/removeAllScans/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/removeAllScans/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/removeAllScans/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/removeAllScans/

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionClearExcludedFromScan

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/clearExcludedFromScan/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/clearExcludedFromScan/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/clearExcludedFromScan/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/clearExcludedFromScan/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/clearExcludedFromScan/

Clears the regexes of URLs excluded from the spider scans.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionExcludeFromScan

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/excludeFromScan/?regex=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/excludeFromScan/?regex=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/excludeFromScan/', params={
  'regex': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/excludeFromScan/',
  params: {
  'regex' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/excludeFromScan/

Adds a regex of URLs that should be excluded from the spider scans.

Parameters

Name In Type Required Description
regex query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionAddDomainAlwaysInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/addDomainAlwaysInScope/?value=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/addDomainAlwaysInScope/?value=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/addDomainAlwaysInScope/', params={
  'value': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/addDomainAlwaysInScope/',
  params: {
  'value' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/addDomainAlwaysInScope/

Adds a new domain that's always in scope, using the specified value. Optionally sets if the new entry is enabled (default, true) and whether or not the new value is specified as a regex (default, false).

Parameters

Name In Type Required Description
value query string true none
isRegex query boolean false none
isEnabled query boolean false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionModifyDomainAlwaysInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/modifyDomainAlwaysInScope/?idx=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/modifyDomainAlwaysInScope/?idx=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/modifyDomainAlwaysInScope/', params={
  'idx': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/modifyDomainAlwaysInScope/',
  params: {
  'idx' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/modifyDomainAlwaysInScope/

Modifies a domain that's always in scope. Allows to modify the value, if enabled or if a regex. The domain is selected with its index, which can be obtained with the view domainsAlwaysInScope.

Parameters

Name In Type Required Description
idx query integer true none
value query string false none
isRegex query boolean false none
isEnabled query boolean false none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionRemoveDomainAlwaysInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/removeDomainAlwaysInScope/?idx=0 \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/removeDomainAlwaysInScope/?idx=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/removeDomainAlwaysInScope/', params={
  'idx': '0'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/removeDomainAlwaysInScope/',
  params: {
  'idx' => 'integer'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/removeDomainAlwaysInScope/

Removes a domain that's always in scope, with the given index. The index can be obtained with the view domainsAlwaysInScope.

Parameters

Name In Type Required Description
idx query integer true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionEnableAllDomainsAlwaysInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/enableAllDomainsAlwaysInScope/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/enableAllDomainsAlwaysInScope/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/enableAllDomainsAlwaysInScope/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/enableAllDomainsAlwaysInScope/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/enableAllDomainsAlwaysInScope/

Enables all domains that are always in scope.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionDisableAllDomainsAlwaysInScope

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/disableAllDomainsAlwaysInScope/ \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/disableAllDomainsAlwaysInScope/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/disableAllDomainsAlwaysInScope/', params={

}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/disableAllDomainsAlwaysInScope/',
  params: {
  }, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/disableAllDomainsAlwaysInScope/

Disables all domains that are always in scope.

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionSetOptionHandleParameters

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/setOptionHandleParameters/?String=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/setOptionHandleParameters/?String=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/setOptionHandleParameters/', params={
  'String': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/setOptionHandleParameters/',
  params: {
  'String' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/setOptionHandleParameters/

Parameters

Name In Type Required Description
String query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionSetOptionScopeString

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/setOptionScopeString/?String=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/setOptionScopeString/?String=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/setOptionScopeString/', params={
  'String': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/setOptionScopeString/',
  params: {
  'String' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/setOptionScopeString/

Use actions [add|modify|remove]DomainAlwaysInScope instead.

Parameters

Name In Type Required Description
String query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionSetOptionSkipURLString

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/setOptionSkipURLString/?String=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/setOptionSkipURLString/?String=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

import requests
headers = {
  'Accept': 'application/json',
  'X-ZAP-API-Key': 'API_KEY'
}

r = requests.get('http://zap/JSON/spider/action/setOptionSkipURLString/', params={
  'String': 'string'
}, headers = headers)

print r.json()

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'X-ZAP-API-Key' => 'API_KEY'
}

result = RestClient.get 'http://zap/JSON/spider/action/setOptionSkipURLString/',
  params: {
  'String' => 'string'
}, headers: headers

p JSON.parse(result)

GET /JSON/spider/action/setOptionSkipURLString/

Parameters

Name In Type Required Description
String query string true none

Example responses

default Response

{
  "message": "string",
  "code": 100
}

Responses

Status Meaning Description Schema
default Default unexpected error Error

spiderActionSetOptionUserAgent

Code samples

# You can also use wget
curl -X GET http://zap/JSON/spider/action/setOptionUserAgent/?String=string \
  -H 'Accept: application/json' \
  -H 'X-ZAP-API-Key: API_KEY'

URL obj = new URL("http://zap/JSON/spider/action/setOptionUserAgent/?String=string");
HttpURLConnection con = (HttpURLConnection)<