
What is the best way for OWASP ZAP to handle Unique Fields and API Sequences?

Çağlar Arlı

First Situation: I proxy through some requests to ZAP and want to perform an active scan on them. ZAP active scan is working on one property at a time, and this particular request requires some of the properties to be unique per request.

For example, a username can only be used once on registration. What pattern in ZAP would be best to tell active scan to change this property for every scan request?

Second Situation: This is similar to the first, but somewhat different. I have APIs that must be done in a sequence of steps. For example, Step1, Step2, Step3. To perform the request for Step3, Step1 and Step2 must be completed. To achieve an optimal active scan on Step 3, for every active scan request, Step 1 and Step 2 would have to be performed before each request. What would be the best way to achieve this?