Knowledge Base

Back to home

Knowledge Base

Web Application Scanning

Web Application Scanning

Proficiently detect extensive web application vulnerabilities, including OWASP Top 10.

General

How do I create a web application?

What is the general basics for the web app crawler and scanner?

How do I find the sitemap of scanned applications?

How do I exclude one or more URLs from being scanned?

What does the different settings for crawl scope mean?

How do I blacklist file types for web applications?

How do I make sure I scan all relevant web applications?

How do I create a web application from the catalog?

How do I make a custom rule for exclusion of URLs for the web application scanner?

How do I activate JavaScript support in the web scan engine?

How to overview all identified software applications across assets?

How does the support for finding vulnerabilities in JavaScript libraries work?

How do I scan multiple domains in one web application?

See more

OWASP

What is OWASP Top 10?

What is the difference between OWASP Top 10 version 2013 and 2017?

Catalog

How do I add hosts to the web application catalog?

Scan profiles

How do I create a web application scan profile?

How does custom content work in the web application profile?

How do I exclude form methods in web application scans?

Path Traversal vulnerability

What does the scan profile settings mean?

What are advanced vulnerability plugins?

See more

Troubleshooting

What firewall settings are required when scanning using external (cloud) scanners?

Why are my website forms spammed?

How do I make exception in Admin Tools Pro for Joomla?

Authenticated scanning

How do I run an authenticated web application scan using HTTP basic authentication?

How do I see if an authenticated web application scan was successful or not?

How do I run an authenticated web application scan?

How do I run an authenticated web application scan using HTLM Form?

How do I run an authenticated web application scan using HTLM Dynamic form?

How do I use header injections in a web application scan?

How do I setup header injections?

What authentication methods does the web application scanner support?

How do I record a login sequence using the Web Recorder plugin?

How do I install the Web Recorder in Google Chrome?

See more

Schedules

How do I schedule a scan for a web application?

How do I schedule a scan for multiple web applications?