Application Security Platform
Account setup

Authorized target scanning policy

This document is for:
Invicti Platform

Read before launching scans

Before initiating any scans, it is critical to ensure that you have proper authorization to test the target website or web application.

  • Unauthorized scanning is prohibited. Performing scans without consent may result in your IP address and all scan-related activity being logged on the target’s web server.
  • Inform stakeholders. If you are not the sole administrator of the website or application, you must notify all relevant administrators before starting a scan.
  • Be aware of the potential impact. Some scans may cause performance issues or even result in the target system becoming temporarily unavailable, requiring a manual restart.

By proceeding with a scan, you confirm that you have obtained all necessary permissions and accept responsibility for the actions and consequences associated with the scan.

Use our test websites

If you are new to scanning or want a safe environment to experiment in, we recommend using our publicly available test websites. These are designed specifically for safe, controlled scanning and testing—so you can explore Invicti’s capabilities without impacting live systems.

Test website http://testinvicti.com/

Name

URL

Technologies

ASP.Net  - Testinvicti

aspnet.testinvicti.com

Windows, IIS, ASP.NET , MsSQL

PHP - Testinvicti

php.testinvicti.com

Windows, Apache, PHP, MySQL

SPA - Angular - Testinvicti

angular.testinvicti.com

Ubuntu, Apache, PHP, Angular 5, MySQL

API - REST - Testinvicti

rest.testinvicti.com

Ubuntu 18, Apache, PHP 7.1, MySQL

GraphQL - Testinvicti

graphql.testinvicti.com

Ubuntu 22.04, NodeJS, GraphQL

Python - Testinvicti

python.testinvicti.com

Ubuntu 22.04, Flask, CouchDB, Nginx

API - Vulnerable API

vulnapi.testinvicti.com

Ubuntu, NodeJS, Swagger, SQLite

Test website http://www.vulnweb.com/

Name

URL

Technologies

SecurityTweets

http://testhtml5.vulnweb.com

nginx, Python, Flask, CouchDB

Acuart

http://testphp.vulnweb.com

Apache, PHP, MySQL

Acuforum

http://testasp.vulnweb.com

IIS, ASP, Microsoft SQL Server

Acublog

http://testaspnet.vulnweb.com

IIS, ASP.NET , Microsoft SQL Server

REST API

http://rest.vulnweb.com/

Apache, PHP, MySQL


Share This Article