Tools and ScansTechnical documentation, guides and FAQs related to our tools and scanners.
Frequently Asked Questions
The scan is there. Just allow yourself to see it.
Never let a frozen scan get in your way! Contact Support right away!
Counting scans shouldn't be a priority for you. Instead, keep an eye on the parallel scans.
Calibrate your expectations the way we calibrated our scanners
Don't endlessly watch the clock while a particular scan is running.
We don't make impossible promises. Unless they are not impossible anymore. It depends on your accessibility level to the DNS server.
Analyzing parameters is the key.
Web Application Testing
Looking for vulnerabilities in your web application? Let Website Scanner do that for you! In this article, we explain all the features and options available to help you make the finest vulnerability reports.
The complete list of tests performed by the website vulnerability scanner with details on how each test works.
Static Application Security Testing (SAST) vs Dynamic Application Security Testing (DAST)
Pay attention to URL's, as they might trick you!
Authenticated website scanner can fail if you are not using the right method for your specific target login method.
Network Infrastructure Testing
Things are not always what they seem - The host may have open ports, even if the scanner does not see it that way. Expanding the search or whitelisting our scanner IPs might solve the problem.
Our port scanners let you select between several common port lists, a specific port range, or a custom port list. See here what ports are actually being scanned, depending on which option you select.
Go default, specify the range or provide a list? - You choose.
Each IP in a range or CIDR will be considered as a separate target
Learn how to scan hosts from your internal network using a VPN connection to reach the internal networks.
A fast and easy way to obtain Proof of Concept for your detected XSS.
The Headers option allows the user to make an authenticated scan by having valid headers in the target application.
Recorded or Recording-Based Authentication is a newly added method that can help you when scanning websites with a non-standard authentication.
You can do this by using the custom HTTP headers authentication method
Sniper authenticated scans provide an easy and efficient way to quickly obtain information from a system in terms of Sniper Artefacts. Learn how to use this new Sniper feature in this short guide.
The Automatic Authentication Method allows the user to make an authenticated scan by having a valid pair of credentials in the target application.