Support
Options

Advanced

This document is for:
Invicti Standard

In the Advanced tab in Invicti Standard, you can configure multiple options in multiple categories such as browsing, attacking, logging within the application. Performance and coverage can be achieved with the help of these options, which may vary depending on the scanned target.

To view the Advanced tab, press the CTRL key and click Options.

Advanced Option Categories

This table lists and explains the various types of task categories available in Advanced.

The list is sorted A-Z. Click the category icon to sort the items by category instead.

Category Description
Attacker These are options about Invicti attacker, which can change attack behaviours.
Crawler These are options about Invicti crawler, which can change performance and coverage.
Logging These are options about logging, which includes logging level, logging HTTP requests, and performance analysis.
Misc These are non-categorized options, and includes actions in proxy, report and auto-update.
Scan These are options about scan action that can affect scan performance and the information scans produce.
UI These are options about the Invicti Standard UI, such as Theme, Language, and Invicti Assistant.

Advanced Options

This table lists and describes the options available in Advanced.

Option Description
AllowNavigationOnDomParser This allows redirects at DOM Parser while loading the page.

 

The default value is: ‘False’.

AnalyzeAttacks If set to ‘False’, Invicti will not parse responses from attacks (such as responses from SQL Injections) to find new links.

 

If set to ‘True’, Invicti will do this, assuming other conditions are met. This will significantly increase CPU use during attacks.

The default value is: ‘False’.

AnalyzeParameterSubsetRelations If set to ‘True’, Invicti will analyze subset relations between parameter sets, i.e. Invicti will not attack the second link, as the first link contains all the parameters of the second one. For example:

 

1./search?name=john&surname=smith&city=london

2./search?name=john&surname=smith

The default value is: ‘True’.

ApplicationDocumentRootPath This sets the root path where Invicti will store its scan, log and configuration data.

 

The default value is: ‘{MyDocumentsPath}\{AssemblyProduct}\)’.

AssistantEnabled This enables Invicti Assistant.

 

The default value is: ‘True’.

AssistantLevel This sets the minimum severity that will be used by Invicti Assistant to notify users.

 

The default value is: ‘5’.

AssistantOptimizerLinkPoolThreshold This sets how many collected unique links it takes to trigger the Assistant Auto Optimizer.

 

The default value is: ‘50’.

AssistantOptimizerTimeout This determines the hard timeout (in seconds) after which the Assistant Auto Optimizer will be triggered to optimize the current scan policy.

 

The default value is: ‘600’.

AutoCloudUpload[a] If set to ‘True’, finished scans will be automatically uploaded to Invicti Enterprise.

 

The default value is: ‘False’.

AutoFollowRedirect If set to ‘True’, the requester automatically follows redirect responses.

 

The default value is: ‘False’.

AutoPilotExitAfterCrawlOnly If set to ‘True’, (when ForceAutoPilot is also set to ‘True’) Invicti will conduct a crawl-only scan, without attacking, and exit after the scan is finished.

 

The default value is: ‘False’.

AutoSaveInterval (min) This determines the interval (in minutes) after which Invicti auto-saves the scan status to the AutoSave.nss file.

 

The default value is: ‘15’.

AutoUpdate If set to ‘True’, automatic update checks are made once daily.

 

The default value is: ‘True’.

BlockSsrfRequestPerlink If set to ‘True’, it blocks CSRF Requests per link. Depending on the value, Invicti waits for other CSRF token requests to be finished. The default value is: ‘True’.
BuiltInPoliciesSuggestionStatus This specifies whether the scan policy optimization is suggested for scans that use built-in policies.

 

The default value is: ‘Always’.

CategorySwitchLevels This continues the state of performance logging configuration for categories in the Logging tab in the Options dialog.
CheckPublicSuffixForEmailDisclosure If set to ‘True’, Invicti checks the PublicSuffix list for detected email disclosures.

 

The default value is: ‘True’.

ClientCertificateStoreLocation This specifies the location of the X.509 certificate for client certificate authentication. The options are ‘CurrentUser’ and ‘LocalMachine’.

 

The default value is: ‘CurrentUser’.

CloudAPIToken This is the API Token for integration.
CloudServerURL This is the URL of the on-premises server.

 

The default value is: empty.

CloudType This is the Connection Type number. It determines the type of integration, whether it is for Invicti Enterprise On-Demand or Invicti Enterprise On-Premises.

 

The default value is: ‘1′.

CloudUserID This is the user ID for integration.

 

The default value is: YourUserID.

CompactLargeObjectHeap If set to ‘True’, the Large Object Heap (LOH) of the .NET framework is compacted periodically.

 

The default value is: ‘True’.

CsrfWaitHandleTimeout Depending on the value, Invicti waits for other CSRF token requests to be finished that is less than the given time.

 

The default value is: ‘-1’.

CsvlmportSeparator This specifies the delimiter character to use when importing links from CSV files.

 

The default value is: ‘,’.

CurrentIntegrationName This provides the selected Enterprise Integration name. For further information, see Enterprise Integration.
CustomRootCertificatePath This sets the path of the custom root certificate to be used by the internal proxy.

 

The default value is: empty.

DisableContentOptimization If set to ‘True’, Content Optimization is disabled. This prevents Invicti from performing some passive checks for the same HTTP responses.

 

The default value is: ‘False’.

DisableGUILogs If set to ‘True’, logs in the GUI are not shown.

 

The default value is: ‘False’.

DisableHawkCommunication If set to ‘True’, this disables communication with Invicti Hawk, meaning Out-of-Band SSRF engines are disabled even when they are selected in a scan policy.

 

The default value is: ‘False’.

DisableIgnoreCookieChecks If set to ‘True’, Invicti does not send requests without cookies (custom or not). (Normally, Invicti does this to increase coverage and determine the behaviour of the application when no cookie is sent.)

 

The default value is: ‘False’.

DisableIriParsing If set to ‘True’, Invicti converts some characters in the URL automatically. This conversion causes failure for some websites, which expect unchanged characters. If a website returns an error after changing the URL, this option needs to be False.

 

The default value is: ‘False’.

DisablePassiveEngines This disables passive security checks.

 

The default value is: ‘False’.

DisableRecrawling This disables the Recrawling phase of scans.

 

The default value is: ‘False’.

DisableRequestParametersReordering If set to ‘True’, Invicti will send query parameters in the order that were originally captured, otherwise parameters will be ordered alphabetically

 

The default value is: ‘False’.

DisableWebSecurity This specifies whether the –disable-web-security parameter passed to the Chromium instance.

 

The default value is: ‘True’.

DomParserClearAllIntervalsTimeout (ms) This clears all setInterval callbacks after this timeout (in milliseconds).

 

The default value is: ‘0’.[h][i]

DomParserDisableGpu This disables GPU acceleration in the DOM Parser simulation.

 

The default value is: ‘False’.

DomParserForceTimeouts If set to ‘True’, the DomParser will force setTimeout and setInterval callbacks to execute without waiting for a timeout.

 

The default value is: ‘False’.

DomParserMaxFormInputsCount This determines the maximum number of inputs the DOMParser will parse in a single form.

 

The default value is: ‘100’.

DomParserMaxFormsCount This determines the maximum number of forms the DOM Parser will parse in a document.

 

The default value is: ‘100’.

DomParserMaxLinksCount This determines the maximum number of links the DOM Parser will parse in a document.

 

The default value is: ‘1000’.

DomParserNonDfsTraversalReversed This is a reverse traversal order of DOM elements that are not in the SmartDFS sub-simulation.

 

The default value is: ‘False’.

DomViewportHeight This specifies the DOM viewport height.

 

The default value is: ‘720’.

DomViewportWidth This specifies the DOM viewport width.

 

The default value is: ‘1280’.

DomXssSingleAttackTimeout (ms) This sets the single attack timeout (in milliseconds) for the DOM XSS Scanner.

 

The default value is: ‘20000’.

DomXssTotalAttackTimeout (ms) This sets the total attack timeout (in milliseconds) for the DOM XSS Scanner.

 

The default value is: ‘600000’.

DoNotExpectAuthenticationChallenge This enables the requester to send authentication credentials without expecting a challenge from the server.

 

The default value is: ‘True’.

DoNotShowScanFinishedDialog If set to ‘True’, no dialog is displayed when a scan is finished.

 

The default value is: ‘False’.

DoNotShowScopeExtensionWarning If set to ‘True’, this disables the warning message shown when Invicti cannot figure out the root path for a scan whose Scope has been set to Entered Path and Below.

 

The default value is: ‘False’.

EnableAggressiveCaching This enables the aggressive caching of resources that are hosted on external domains.

 

The default value is: ‘True’.

EnableAssistOptimizer This enables the Invicti Assistant Scan Policy Optimizer.

 

The default value is: ‘True’.

EnableAutoSort This enables auto sorting in the Issues panel.

 

The default value is: ‘True’.

EnableBrowserStorageTracking This enables the collection of items from localStorage and sessionStorage in the browser.

 

The default value is: ‘True’.

EnableConsoleLogCollection This enables console log message collection.

 

The default value is: ‘True’.

EnableContextAwareXssAnalyzer If set to ‘True’, the Context Aware XSS analyzer is enabled. It runs before any XSS analysis. If it detects a vulnerability, the XSS engine won’t make any additional attacks.

 

The default value is: ‘True’.

EnableExpert100 If set to ‘True’, 100-Continue behavior is used for HTTP Requests.

 

The default value is: ‘False’.

EnableFeatureUsageTracking If set to ‘True’, this enables sending usage information to Invicti.

 

The default value is: ‘True’.

EnableGzipAndDeflate This enables GZip and Deflate decompression for compressed HTTP Responses.

 

The default value is: ‘True’.

EnableLinkDiagnostics This enables parent link detection for links with CSRF tokens.

 

The default value is: ‘False’.

EnableMLLoginPageIdentifier This enables the machine learning service to identify the login page(s).

 

The default value is: ‘False’.

EnableMLService This enables machine learning service integrations.

 

The default value is: ‘False’.

EnablePerformanceAnalysis If set to ‘True’, Invicti will generate performance logs if the log level is set high enough.

 

The default value is: ‘False’.

EnableSounds This enables sounds to play when certain events occur during the scan.

 

The default value is: ‘False’.

EnableStaticVDB This enables Version Disclosure vulnerabilities to be reported.

 

The default value is: ‘True’.

EnableTimingTracing If set to ‘True’, Invicti  will log JSON formatted information to the disk. Enabling this option will cause increased disk use and make Invicti generate another log file to the hard drive along with regular scan logs.

 

The default value is: ‘False’.

EnableWeakSignatureAlgorithmChecks This enables SSL certificate chain analysis for weak signature algorithms.

 

The default value is: ‘True’.

ErrorReportingServiceUrl This specifies the web service URL to which unhandled errors are reported.

 

The default value is: ‘http://www.invicti.com/support/error-reporting.asmx’.

FileExtensionRegex This specifies the RegEx that is used to find links that end with a file extension.

 

The default value is: ‘as[ap]x?|php[35]?|cf[cm]|pl|[psx]?html?|as[chm]x|config|dll|cgi|inc(?:lude)?|jsp?’.

ForceAutoPilot If set to ‘True’, this silent mode will not display error messages.

 

The default value is: ‘False’.

ForceQueryBasedScope If set to ‘True’, Invicti includes all files in a scan, regardless of the restricted extension in the scope.

 

The default value is: ‘False’.

FormAuthenticationMaxWaitAfterLoginForBearerToken (ms) This sets the maximum time (in milliseconds) to wait after logging in to intercept Bearer tokens.

 

The default value is: ‘2000’.

FormAuthenticationPageLoadTimeout (ms) This sets the maximum time (in milliseconds) to wait while trying to load a page during form authentication.

 

The default value is: ‘30000’.

FormAuthenticationWaitAfterLoginFormLoad (ms) This sets the time (in milliseconds) to wait after a login form is loaded.

 

The default value is: ‘2000’.

HideBrowserViewHint If set to ‘True’, the hint on the Browser View tab is hidden.

 

The default value is: ‘False’.

IastBridgeTimeout This sets the timeout for waiting data from the Shark Bridge (in miliseconds).

 

The default value is: ‘250’.

LastOpenedFolders This specifies the list of last opened folder paths.

 

The default value is: (Collection)

LastUsedScanProfile This specifies the name of the scan profile that was used last.

 

The default value is: empty.

LastWhatsNewCheck This specifies the last What’s New check date. The default value is: 1/1/2000.
LastWhatsNewDate This specifies the last What’s New post date. The default value is: 1/1/2000.
LayoutVersion This specifies the version of the current Invicti layout. The default value is: 1.
LightSQLInjectionChecks If set to ‘True’, this increases the speed of SQL Injection checks by decreasing the coverage.

 

The default value is: ‘False’.

LogExtremeDetail This enables performance analysis in detail. This will slow down the scan process.

 

The default value is: ‘False’.

LogFilesQuestionBinded If set to ‘True’, the log files are submitted through error reporting when a crash happens.

 

The default value is: ‘True’.

LoggingEnabled If set to ‘True’, this enables logging. Otherwise all logging will be disabled.

 

The default value is: ‘True’.

LogHttpRequests If set to ‘True’, HTTP requests made during a scan are saved into the scan folder using the Fiddler session file format.

 

The default value is: ‘False’.

LogRecurringParameters This enables or disables logging recurring parameter detections.

 

The default value is: ‘True’.

LogTracedActivityToXml If set to ‘True’, trace logs are written as XML files. Otherwise, they are written as CSV files.

 

The default value is: ‘False’.

LogRunningRegexTimeout (ms) This sets the maximum time (in milliseconds) that is allowed for long-running Regex operations.

 

The default value is: ‘30000’.

MaxDepth This sets the maximum depth for crawling links. The depth is calculated using the number of navigations required to access it. For example, if you need to click two links to access a link, the depth of that link is two.

 

The default value is: ‘5’.

MaxDocumentSizeKB This sets the maximum size of the document in kilobytes (KB). Invicti will cut the response and cancel the connection when a document HTTP read reaches this size.

 

The default value is: ‘3072’.

MaxDomParserCount This sets the maximum number of DOM Parser instances that run during a scan. It defaults to three-quarters of the logical processor count.

 

Otherwise, the default value is: ‘3’.

MaxDomXssScannerCount This determines the maximum number of DOM XSS scanner instances that run during a scan.

 

It defaults to three-quarters of the logical processor count. Otherwise, the default value is: ‘3’.

MaxEmailAddressReport This sets the maximum number of email addresses to report.

 

The default value is: ‘100’.

MaxHardFailRetry This sets the maximum amount of hard fails before Invicti will stop. Hard fails refer to serious connection problems, such as Connection Timeout, DNS Failure, TCP Reset or Proxy Connection is not Available.

 

The default value is: ‘10’.

MaxHardLogoutCount This sets the maximum logout count before Invicti gives up the scan.

 

The default value is: ‘1000’.

MaximumRedirect This sets the maximum redirect count.

 

The default value is: ‘4’.

MaximumResponseHeadersLength This sets the maximum allowed length in kilobytes (1024 bytes) of the response headers. A value of -1 means that no limit is imposed on the response headers. A value of 0 means that all requests will fail.

 

The default value is: ‘64’.

MaximumRetry This sets the maximum number of reattempts when Invicti fails to get a response from a page.

 

The default value is: ‘3’.

MaxKnowledgeItemCount This sets the maximum number of items that will be displayed in the Knowledge Base nodes.

 

The default value is: ‘500’.

MaxLength This sets the maximum character length to parse. If a document is larger than this, Invicti will cut it off before parsing.

 

The default value is: ‘500000’.

MaxRedirectBodySize This determines the maximum expected body size of the Redirect Response (in characters).

 

The default value is: ‘450’.

MaxThreadCountPerPool This determines the maximum number of threads in each thread pool.

 

The default value is: ‘24’.

MaxVulnerabilityThreshold This sets the maximum number of vulnerability reports for the same type. Invicti will not report the same vulnerability more than this number of times.

 

The default value is: ‘150’.

MaxVariationThreshold This determines the maximum number of variations to report for groupable vulnerabilities.

 

The default value is: 10.

MaxVulnerabilityThresholdForActiveEngines This sets the maximum number of vulnerability reports for the same type for active security checks such as SQLi and XSS, for example. Invicti will not report the same vulnerability more than this number of times.

 

The default value is: ‘1000’.

MaxWebViewReuseCount This sets the maximum reuse number of embedded browser instances.

 

The default value is: ‘100’.

MinCspNonceEntropyLimit This sets the allowed metric entropy of the base64 decoded nonce in the Content Security Policy engine. The setting is between 0 and 1.

 

The default value is: ‘0.15’.

NotifiedExpiringLicences If enabled, the user of any expiring licenses is notified.
NotifyWhatsNew If enabled, the user is notified with the What’s New. The default value is: ‘True’.
OnlyFillUpPost If set to ‘True’, Invicti will not use a default value for the empty GET parameters.

 

The default value is: ‘False’.

OnPremisesType This specifies the On-Premises product type.

 

The default value is: ‘0’.

ParallelAttacksStartLink This sets the amount of links that Invicti will crawl before it starts attacking, if Crawl and Attack is also enabled.

 

The default value is: ‘20’.

ParserParameterLimit This sets the maximum number of parameters to parse in a FORM field.

 

The default value is: ‘200’.

PasswordEncryptionScope This specifies the scope for password encryption. The alternatives are CurrentUser or LocalMachine.

 

The default value is: ‘CurrentUser’.

PerformanceLogLevel This sets the level for performance logging.

 

The default value is: ‘3’.

PptrConsoleDebug This enables or disables devtools console debug output of DOM simulation. The default value is: ‘False’
PptrEnableRateGate This uses the request per second settings. The default value is: ‘True’.
PptrHeadless This enables or disables Puppeteer headless mode. The default value is: ‘True’.
PptrPageDispose This enables or disables the Puppeteer page delaying disposal. The default value is: ‘True’.
PptrUseNativeRequester This uses native browser’s requester. The default value is: ‘False.’
PreventSleepModeDuringScan If set to ‘True’, this prevents the computer from entering sleep mode during the scan.

 

The default value is: ‘False’.

ProductName This is the name of this product.

 

The default value is: ‘Invicti’.

ProxyAddress This is the application proxy address.

 

The default value is: ‘127.0.0.1’.

ProxyAuthenticationEnabled If set to ‘True’, the application proxy authentication is enabled.

 

The default value is: ‘False’.

ProxyDomain This is the application proxy domain.

 

The default value is: empty.

ProxyMode This is the application proxy mode.

 

The default value is: ‘1’.[j]

ProxyPassword This is the application proxy password.

 

The default value is: empty.

ProxyPort This is the application proxy port.

 

The default value is: ‘8080’.

ProxyUseDefaultCredentials If set to ‘True’, the application proxy uses default credentials.

 

The default value is: ‘False’.

ProxyUserName This is the application proxy user name.

 

The default value is: empty.

RecentURLs This stores the list of URLs that have recently been scanned.
RecoverSessionPaths This stores the paths to session files that have crashed while using a previous Invicti instance.
ReportExportConfirmed This determines the Export Confirmed option for the Save Report dialog. The default value is: ‘True’.
ReportExportLastFolder This stores the path to the folder to which the last report was exported.

 

The default value is: empty.

ReportExportLastFooter This stores the last footer text for the report footer. The default value is: empty.
ReportExportLastHeader This stores the last header text for the report header. The default value is: empty.
ReportExportPdf This is the last Export as PDF option value.

 

The default value is: ‘True’.

ReportExportUnconfirmed This is the Export Unconfirmed option in the Save Report dialog.

 

The default value is: ‘True’.

ReportExportVariations This is the last Export All Variations option value.

 

The default value is: ‘False’.

ReportGenerationTimeout (s) This determines the time (in seconds) to wait before report generation is cancelled when triggered from the command line.

 

The default value is: ‘120’.

ReportOpenAfter This is the last Open Generated Report option value.

 

The default value is: ‘True’.

ReportPolicyAllowEdit If set to ‘True’, this enables users to add and edit vulnerability profiles in the Report Policy Editor. Administrator privilege is required to modify the Default Report Policy.

 

The default value is: ‘False’.

RequestBuilderMaxFileSize This determines the maximum file size (in megabytes) that can be used as a File Parameter in the Request Builder.

 

The default value is: ‘10’.

RequestHeaderDebugInfo If set to ‘True’, a header named X-Invicti-Debug (diagnostic debug information) is added to HTTP requests made by Invicti scans.

 

The default value is: ‘False’.

RequiresHttpRequester This determines whether Auto-Authenticator requires HTTP requester or not.

 

The default value is: ‘True’.

RequiresUpgrade If set to ‘True’, the current installation requires a one-time upgrade to be executed.

 

The default value is: ‘True’.

ResourceFinderThreadCount This determines the thread count used by the Resource Finder.

 

The default value is: ‘5’.

SavePermanentXSSAttacks If set to ‘True’, this saves permanent XSS attacks, so that they can be identified later.

 

If set to ‘False’, Invicti may not find the injection point for identified permanent XSS issues but will access the HDD (hard disk drive) much less during XSS attacks.

The default value is: ‘True’.

ScriptingRecursionLimit This sets the custom scripting maximum recursion level. The default value is: 100.
ScriptingTimeout This sets the custom scripting timeout in seconds. The default value is: 60.
SendAsUser This sends the unhandled exception as a user. The default value is: ‘False’.
SenderMailAddressBinding This specifies the mail address that error reports are sent to following a crash.

 

The default value is: empty.

SendErrorsToElk This specifies whether the error logs are to be sent to Kibana.

 

The default value is: ‘False’.

SendToActions This is a list of registered Send To Actions.
ShortRunningRegexTimeout (ms) This sets the maximum time (in milliseconds) that is allowed for short-running Regex operations.

 

The default value is: ‘15000’.

ShowAllLoggingCategories If set to ‘True’, all log categories in the Logging tab in the Options dialog are displayed.

 

The default value is: ‘False’.

ShowAttackPossiblityList If set to ‘True’, the Attack Possibilities node in is displayed in the Knowledge Base panel.

 

The default value is: ‘False’.

ShowOptions If set to ‘True’, the Start a New Website or Web Service Scan dialog opens with the Options panel expanded.

 

The default value is: ‘False’.

SmartDfsEnabled If set to ‘True’, SmartDFS is enabled in the DOM simulation.

 

The default value is: ‘True’.

SmartDfsMaxSampleCount This sets the maximum sample count for SmartDFS filtered DOM elements.

 

The default value is: ‘5’.

SmartDfsMinElementCount This sets the minimum number of elements to trigger SmartDFS.

 

The default value is: ‘5’.

SmartDfsMinTagGroupCount This sets the minimum number of HTML tag groups to trigger SmartDFS.

 

The default value is: ‘3’.

SmartDfsSimilarityDistance This sets the similarity distance between 0 and 1 for SmartDFS.

 

The default value is: ‘0.1’.

SqlHackerAvoidSpaces This replaces the space used by hackers to bypass some IDSes (intrusion detection systems) in SQL Injection exploitation with something else, including several checks.

 

The default value is: ‘True’.

SqlInjectionAutoFollowRedirect If set to ‘True’, the boolean SQL injection engine will follow HTTP redirects.

 

The default value is: ‘True’.

SQLInjectionDataLength This sets the maximum number of characters to export in an SQL Injection exploit.

 

The default value is: 1000.

SsrfEnableCheckOnScanStart If set to ‘True’, the Invicti Hawk health check is enabled at the start of a scan.

 

The default value is: ‘True’.

SsrfResponderName This specifies the name of the Server-side request forgery (SSRF) Responder. The default value is: ‘Hawk’
StopOnSslError This specifies whether Invicti stops scan if SSL connection error occurs.

 

The default value is: ‘True’.

StopSilentScanOnConnectionFailure This prevents host connection errors from being shown when the /silent switch is used.

 

The default value is: ‘False’

SuggestPolicyOptimization If set to ‘True’, the Scan Policy Optimizer dialog will be displayed at the start of a scan.

 

The default value is: ‘True’.

SwitchToOptimizedPolicy If set to ‘True’, this switches to auto-optimized Scan Policies automatically.

 

The default value is: ‘False’.

SystemProxyDomain This sets the application system proxy domain. The default value is: empty.
SystemProxyPassword This sets the application system proxy password. The default value is: empty.
SystemProxyUserName This sets the application system proxy username. The default value is: empty.
TextParserMaxFormsCount This sets the maximum number of forms the text parser will parse in a document.

 

The default value is: ‘100’.

TextParserMaxInputsCount This sets the maximum number of inputs the text parser will parse in a document.

 

The default value is: ‘100’.

TextParserMaxJsStringsCount This sets the maximum amount of JavaScript strings (including comments and literals) that can be parsed.

 

The default value is: ‘2000’.

TextParserMaxLinksCount This sets the maximum number of links the text parser will parse in a document.

 

The default value is: ‘1000’.

Theme This sets the preferred theme for the Invicti application.

 

The default value is: ‘GloomGloom’.

UpdateChannel This set the update channel for Auto Updates.

 

The default value is: ’empty’.

UpdateCheck This stores the date that last Auto Update was made.

 

The default value is: ‘2000-01-01’.

UpdatePath This specifies the URL where auto update checks are made.

 

The default value is: ‘http://www.invicti.com’.

UseCustomRootCertificate If set to ‘True’, the internal proxy uses the custom root certificate.

 

The default value is: ‘False’.

UseDatabase If set to ‘True’, the scan results are saved into the session database.

 

The default value is: ‘True’.

UsePlusForSpaceEncoding If set to ‘True’, the ‘+’ sign is used to encoding spaces in URLs, instead of ‘%20’.

 

The default value is: ‘False’.

UserInterfaceLanguage This sets the language code for the UI language.

 

The default value is: ‘en’.

VdbLastUpdateCheck This stores the date that the last VDB update check was made.

 

The default value is: ‘2000-01-01’.

VdbUpdateCheckURL This sets the URL where the VDB update check is made.

 

The default value is: ‘http://www.invicti.com/vdb/version/’.

VdbUpdateURL This sets the URL from which the VDB update is made.

 

The default value is: ‘https://www.invicti.com/vdb/download/’.

VdbUpdateVersion This stores the VDB version received from the update server.

 

The default value is: empty.

VdbVersion This stores the current VDB version.
WebApplicationFirewall This lists Web Application Firewall configuration registered.

 

The default value is: ‘Collection’.

WebInspectorRemoteDebugPort If set to ‘0’, the remote debug port for the web inspector is disabled.

 

The default value is: ‘0’.

WebServiceProtocolName This sets the protocol used to access the described XML Web services. The allowed values are: SOAP, SOAP 12, HttpPost, HttpGet and HttpSoap.

 

The default value is: empty.

How to View and Find Advanced Options

  1. Open Invicti Standard.
  2. In the Home tab, press the CTRL key, and click Options. The Options dialog is displayed, with the Advanced tab open in Alphabetical order.
  1. Enter the Advanced option you want in the search box. Alternatively, slide the scrollbar to search for it manually, then click on it when found.
  2. When you have completed configuring the Advanced option setting, click Save.

How to Prevent the Operating System From Going to Sleep While There is a Scan in Progress

  1. Open Invicti Standard.
  2. In the Home tab, press the CTRL key, and click Options. The Options dialog is displayed.
  3. In the search dialog, enter ‘PreventSleepModeDuringScan’ and click when displayed.

Alternatively, slide the scrollbar down to ‘PreventSleepModeDuringScan’ a click once to highlight.

  1. In the dropdown option, select True. (The default is False.)
  1. Click Save.

Invicti Help Center

Our Support team is ready to provide you with technical help.

Go to Help Center This will redirect you to the ticketing system.