- Knowledge Base
- Web Application Scanning
- Authenticated scanning
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
How do I run an authenticated web application scan using HTLM Form?
This feature allows the scanner to log in to a protected web application using HTML Form and continue the scan to find vulnerabilities within the protected web application.
To set up an authenticated web application scan, please read the following article:
http://support.holmsecurity.com/hc/en-us/articles/115003065809
Details about authentication:
Authentication information
Either you create a new record or use a pre-created record.
Authentication record name
The name of the record you wish to use.
Username (name of field)
The HTML name of the field where the username is applied.
Value
The username which the scanner will use for login.
Password (name of field)
The HTML name of the login field.
Value
The password that the scanner will use to log in.
Add extra field
Use if additional fields are needed.
Authentication URL
The URL where the authentication form is located.
Success validation URL
The URL which the user lands on after the login has been approved.
Success validation string
This is the string that is checked for validation after logging in.
Method
The method that the scanner will use to apply the login information.