Reputation: 1175
I am new to vulnerability testing at my new job at an EC site development (we also get them up and continue to run them on AWS EC2).
I am wondering if there is a way to configure Spider so that I can get output of the "URL chain" to serve all the requests that are listed when I run php artisan route:list.
Currently, my colleague who joined the company a few months before me is manually inputting this info into a spreadsheet.
Ex. "Home->Register user info->Confirm registered user info->main shopping page->item category page->item description page->confirm adding product to cart page->etc."
I find this to be extremely tedious, he does as well, and because he only speaks Japanese, I don't think he is able to post questions here.
I have started looking through the ZAP documentation but have not seen anything relevant yet. Any advice is appreciated.
Upvotes: 0
Views: 967
Reputation: 1526
You can Active Scan specific orders of operations by leveraging the Sequence addon: https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsSequenceSequence. You can get it via the ZAP Marketplace:
There's also the Call Graph addon which might be of benefit to you, though I don't know the export options it provides off the top of my head.
Another alternative that might work for you would be writing a Standalone script that goes through the Sites Tree or History table looking at URLs and Referer headers:
Upvotes: 1
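The Referer-based approach from the last suggestion above, as an added example that is not part of the original answer or ZAP's own code: it rebuilds "A->B->C" chains from (URL, Referer) pairs such as those in the History table. Getting the pairs out of ZAP is not shown; the sample data, the single-host assumption and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample, not real traffic: (request URL, Referer header) in history order.
SAMPLE_HISTORY = [
    ("https://shop.example/", None),
    ("https://shop.example/register", "https://shop.example/"),
    ("https://shop.example/register/confirm", "https://shop.example/register"),
    ("https://shop.example/items", "https://shop.example/register/confirm"),
    ("https://shop.example/items?category=3", "https://shop.example/items"),
    ("https://shop.example/items/42", "https://shop.example/items?category=3"),
    ("https://shop.example/cart/add", "https://shop.example/items/42"),
    ("https://shop.example/", "https://shop.example/items/42"),  # link back home
    ("https://shop.example/login", "https://shop.example/"),
]

def normalise(url):
    """Keep only the path so query strings do not split one route in two."""
    return (urlsplit(url).path.rstrip("/") or "/") if url else None

def build_graph(history):
    """Return (edges, roots); edges maps a referring path to paths requested from it."""
    edges, roots = {}, []
    for url, referer in history:
        child, parent = normalise(url), normalise(referer)
        edges.setdefault(child, [])
        if parent is None:
            if child not in roots:
                roots.append(child)  # no Referer: an entry point
        elif parent != child and child not in edges.setdefault(parent, []):
            edges[parent].append(child)
    # Referrers that were never requested themselves also start a chain.
    reached = {c for kids in edges.values() for c in kids}
    roots += [n for n in edges if n not in reached and n not in roots]
    return edges, roots

def url_chains(history):
    """List every root-to-leaf chain in the 'A->B->C' form used in the spreadsheet."""
    edges, roots = build_graph(history)
    chains = []
    def walk(path):
        nxt = [c for c in edges[path[-1]] if c not in path]  # drop links back (cycles)
        if not nxt:
            chains.append("->".join(path))
        for child in nxt:
            walk(path + [child])
    for root in roots:
        walk([root])
    return chains
```

Comparing the set of paths that appear in the chains against the output of php artisan route:list shows which routes the crawl never reached.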