How to use OWASP ZAP for automated vulnerability assessment?
To use OWASP ZAP for an automated vulnerability scan, follow these steps:
1. Start ZAP by running the command “zap-client” in your terminal or command prompt.
2. In the ZAP UI, click on the “Scan” button to start a new scan.
3. Select the “Automated Scan” option and click “Start Scan”.
4. On the “Automated Scan” page, enter the URL of the web application you want to scan in the “URL” field.
5. Check the box next to “Intercept HTTP” to enable request interception.
6. Select the appropriate plugin(s) to use for the automated scan from the list provided. Plugins provide different types of tests and scans, such as SQL injection detection or cross-site scripting (XSS) scanning.
7. Configure any additional settings or options for the selected plugins as needed.
8. Click “Continue” to start the automated scan. ZAP will perform the configured tests and provide a report of any vulnerabilities it detects.
9. To stop the automated scan, click the “Stop Scan” button in the ZAP UI.
10. Review the generated report to identify potential vulnerabilities and take appropriate action to address them.
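Step 10 is easier to repeat consistently if the report is triaged by script rather than by eye. The following is an added example, not part of the original answer or of ZAP itself: it parses a report in the shape of ZAP's traditional JSON report (an assumed format; the sample is constructed, not real scan output), drops alerts ZAP has marked as false positives, summarises findings per risk level, and turns the result into a pass/fail decision a pipeline could act on.

```python
import json
from collections import Counter

# Constructed sample shaped like ZAP's traditional JSON report (assumed format, not real scan output).
SAMPLE_REPORT = json.dumps({"@programName": "ZAP", "site": [{"@name": "http://example.test", "alerts": [
    {"pluginid": "40018", "name": "SQL Injection", "riskcode": "3", "confidence": "2", "cweid": "89",
     "instances": [{"uri": "http://example.test/login", "method": "POST", "param": "user"}]},
    {"pluginid": "40012", "name": "Cross Site Scripting (Reflected)", "riskcode": "3", "confidence": "1",
     "cweid": "79", "instances": [{"uri": "http://example.test/search", "method": "GET", "param": "q"}]},
    {"pluginid": "10021", "name": "X-Content-Type-Options Header Missing", "riskcode": "1", "confidence": "2",
     "cweid": "693", "instances": [{"uri": "http://example.test/", "method": "GET", "param": ""}]},
    {"pluginid": "10096", "name": "Timestamp Disclosure", "riskcode": "0", "confidence": "0",
     "cweid": "200", "instances": [{"uri": "http://example.test/", "method": "GET", "param": ""}]},
]}]})

# ZAP risk codes (riskcode); confidence 0 means the alert has been flagged as a false positive.
RISK_NAMES = {0: "Informational", 1: "Low", 2: "Medium", 3: "High"}

def load_alerts(report_text):
    """Flatten every alert across all sites in the report, keeping the site it was found on."""
    alerts = []
    for site in json.loads(report_text).get("site", []):
        for alert in site.get("alerts", []):
            alerts.append({
                "site": site.get("@name", ""),
                "pluginid": alert.get("pluginid", ""),
                "name": alert.get("name", ""),
                "risk": int(alert.get("riskcode", 0)),
                "confidence": int(alert.get("confidence", 0)),
                "cweid": alert.get("cweid", ""),
                "instances": alert.get("instances", []),
            })
    return alerts

def triage(alerts, min_risk=2, min_confidence=1):
    """Keep alerts at or above min_risk, dropping those ZAP marks as false positives."""
    return [a for a in alerts if a["risk"] >= min_risk and a["confidence"] >= min_confidence]

def summarize(alerts):
    """Count alerts per risk level, e.g. {"High": 2, "Low": 1}."""
    return dict(Counter(RISK_NAMES[a["risk"]] for a in alerts))

def gate(report_text, fail_on_risk=3):
    """Pass/fail decision for a pipeline: fail if any credible alert reaches fail_on_risk."""
    findings = triage(load_alerts(report_text), min_risk=fail_on_risk)
    return len(findings) == 0, findings

if __name__ == "__main__":
    passed, findings = gate(SAMPLE_REPORT)
    print(summarize(load_alerts(SAMPLE_REPORT)), "gate passed" if passed else "gate FAILED:", [f["name"] for f in findings])
```

Point `load_alerts` at the JSON file ZAP exports after a real scan and adjust `fail_on_risk` to the threshold your review process requires.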
Note: It’s important to use OWASP ZAP with caution and only for authorized users. If you are using ZAP to perform automated scans without proper authorization or for unauthorized purposes, it could be considered a security risk or crime.