
OWASP ZAP disable POST requests (out of scope)


How can I exclude POST requests in OWASP ZAP? It is spamming a lot of forms and contact forms and therefore interrupting the normal operations of a website. Can I exclude this with a regex or is there an option built in?


Solution

  • In the Active Scan dialog check the 'Show advanced options' box. You will then see more tabs - select the 'Input Vectors' tab and then deselect the 'POST Data' target. For help on this dialog click the help button - the help is also online here: https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsAdvascan

    You can also create different policies via the Scan Policy Manager :)

    Simon (ZAP Project Lead)
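
The same setting can be changed through the ZAP API for scripted or headless scans. The following is an added example, not part of the original answer or the ZAP project's code; it assumes a local ZAP instance at http://localhost:8080, a placeholder API key, and that the option view returns a single-key JSON object.

```python
"""Added example: clear the 'POST Data' input vector via the ZAP API."""
import json
import urllib.parse
import urllib.request

# Bit flags behind the 'Injectable Targets' checkboxes on the Input Vectors tab.
TARGETS = {"query_string": 1, "post_data": 2, "cookie": 4,
           "http_headers": 8, "url_path": 16}


def injectable_mask(current, disable=("post_data",)):
    """Clear the named targets from a mask, leaving all other bits untouched."""
    for name in disable:
        current &= ~TARGETS[name]
    return current


def enabled_targets(mask):
    """Names of the targets the active scanner will still inject into."""
    return sorted(name for name, bit in TARGETS.items() if mask & bit)


def api_url(base, path, **params):
    """Build a ZAP JSON API URL such as <base>/JSON/ascan/action/<name>/."""
    query = urllib.parse.urlencode(params)
    return f"{base.rstrip('/')}/JSON/{path}/" + (f"?{query}" if query else "")


def call(url, api_key):
    """Send one API request, passing the key in the X-ZAP-API-Key header."""
    req = urllib.request.Request(url, headers={"X-ZAP-API-Key": api_key})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def disable_post_data(base="http://localhost:8080", api_key="CHANGE-ME"):
    """Read the current mask, drop POST data, write it back, return the result."""
    view = call(api_url(base, "ascan/view/optionTargetParamsInjectable"), api_key)
    current = int(next(iter(view.values())))  # assumed single-key response
    wanted = injectable_mask(current)
    if wanted != current:
        call(api_url(base, "ascan/action/setOptionTargetParamsInjectable",
                     Integer=wanted), api_key)
    return enabled_targets(wanted)


if __name__ == "__main__":
    # base URL and API key are placeholders for your own ZAP instance
    print("Active scan will inject into:", disable_post_data())
```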