in zap-baseline-custom.py [0:0]
def usage():
print ('Usage: zap-baseline.py -t <target> [options]')
print (' -t target target URL including the protocol, eg https://www.example.com')
print ('Options:')
print (' -c config_file config file to use to INFO, IGNORE or FAIL warnings')
print (' -u config_url URL of config file to use to INFO, IGNORE or FAIL warnings')
print (' -g gen_file generate default config file (all rules set to WARN)')
print (' -m mins the number of minutes to spider for (default 1)')
print (' -r report_html file to write the full ZAP HTML report')
print (' -w report_md file to write the full ZAP Wiki (Markdown) report')
print (' -x report_xml file to write the full ZAP XML report')
print (' -a include the alpha passive scan rules as well')
print (' -d show debug messages')
print (' -i default rules not in the config file to INFO')
print (' -j use the Ajax spider in addition to the traditional one')
print (' -l level minimum level to show: PASS, IGNORE, INFO, WARN or FAIL, use with -s to hide example URLs')
print (' -s short output format - dont show PASSes or example URLs')
print (' -z zap_options ZAP command line options e.g. -z "-config aaa=bbb -config ccc=ddd"')
print (' --active_scan after passive scan, perform active scan')
print ('Authentication:')
print (' --auth_loginurl login form URL ex. http://www.website.com/login')
print (' --auth_auto automatically find login fields')
print (' --auth_username username')
print (' --auth_password password')
print ('Manual authentication:')
print (' --auth_display display the login process (Xephyr required)')
print (' --auth_usernamefield username inputfield name')
print (' --auth_passwordfield password inputfield name')
print (' --auth_submitfield submit button name')
print (' --auth_firstsubmitfield two page login (usernam -> first submit -> password -> submit) (manual login)')
print (' --auth_exclude comma separated list of URLs to exclude, supply all URLs causing logout')