I'm coming up to speed with the OWASP Zap Scanner and have a requirement which I'm trying to figure out.
I want to be able to interact with the zap proxy api from a remote server (over internet) and pass through scan parameters such as target url, report output type, report destination, filter findings based on severity (low, medium, high), scan depth, etc. Etc
I would like to initiate using GET or POST requests.
Do I need to put a web server in front of zap such as Flask/Waitress which then proxies the request to zap api, or can I interact direct with the api?