This feature allows the scanner to login to a protected web application using HTML Form and continue the scan in order to find vulnerabilities within the protected web application.
In order to setup an authenticated web application scan see the following article:
http://support.holmsecurity.com/hc/en-us/articles/115003065809
General information (Form record)
Authentication information
Either you create a new record or use a pre-created record.
Authentication record name
The name of the record you wish to use.
Username (name of field)
The HTML name of the field where the username is applied.
Value
The username which the scanner will use for login.
Password (name of field)
The HTML name of the login field.
Value
The password which the scanner will use in order to login.
Add extra field
Use if additional fields are needed.
Authentication URL
The URL where the authentication form is located.
Success validation URL
The URL which the user lands on after the login has been approved.
Success validation string
This is the string that is checked for validation after logged in.
Method
The method which the scanner will use in order to apply the login information.
0 Comments