This module has three required parameters:

- The URL of the target Mahara instance (e.g. http://mahara.target.local/).

- The session key to send with POST requests (can be captured using e.g. OWASP ZAP/Burp Suite, or view source on the page and look for "sesskey" in the JavaScript).

- The user ID value/number to pass to page-create requests (can be captured using e.g. OWASP ZAP/Burp Suite) - should match the session that the session key and cookie were borrowed from.