Read OTP from DataBase for OWASP ZAP authentication

We have an application we are testing for vulnerabilities using OWASP ZAP. To handle Login, I have created an authentication script for the UserName and PassWord, however, post submitting credentials, the application redirects to an OTP page. The OTP can be read from DataBase. Is there a way to read data from DBs using Owasp ZAP.

Solution

Yes. ZAP scripts can do anything you want - they have the same permissions as ZAP. So if you can access an OTP in any way from the command line then yes, ZAP scripts will be able to use it.

What is "X-Content-Type-Options=nosniff"?
HTML-Entity escaping to prevent XSS
ModSecurity WAF log configuration
Why is it common to put CSRF prevention tokens in cookies?
Hello, how to solve Permission denied Error while trying to generate OWASP ZAP report using Full Scan Docker image
Writing exclude configs for dependancy check
Hydra with OWASP juice-shop
Zap proxy converts Http requests to Https
How to run security check on Angular project or how to run OWASP dependency check for Angular Project
What are the differences between API IO and Web App IO? (OWASP's top 10s)
Postman unable sending to OWASP ZAP with the same proxy configuration
How to create "unsafe" environment for JavaScript XSS testing
Bicep code to deploy WAF policy for Azure Application gateway
How can i integrate OWASP ZAP with Cypress to run both together and get the Zap test Result and Owasp Zap result at the same time?
OWASP ZAP Scan tool doesn't support requests in XML format
Allowing "//" in URL.Any Security Standards for URL Definition?
How to login and scan with OWASP Zap
Options for token storage and refresh in SPAs
ZAP baseline scan doesn't generate report
iOS certificate pinning with Swift and NSURLSession
OWASP ZAP baseline scan returns unexpected error 1 in CI/CD pipeline
How to force specific version of a transitive dependency (netty-codec-http) in gradle?
Cross-Site Request Forgery Prevention: using a cookie for the Synchronizer Token Pattern
OWASP sanitizer generates unexpected results
OWASP Dependency check, how to use suppressions
OWASP/ZAP dangling when trying to scan
Dependency-Track is forgetting suppressions on vulnerabilities
How to run OWASP Dependency Check for an Angular project?
OWASP Dependency Tracker - Jenkins build error
Selenium script execution scanning by OWASP ZAP docker