Install internal agent on Docker
Invicti Platform lets you use internal agents to scan targets in your internal environment that are not publicly accessible from the internet or when you do not want to whitelist Invicti cloud agents.
This document explains how to install the Invicti internal agent using Docker CLI.
If your internal agents require a proxy to connect to platform.invicti.com or platform-eu.invicti.com, these parameters must be specified when installing the internal agent. For instructions, refer to Installing an internal agent with proxy settings.
Limitations for internal agents When the site is internal, and you prefer using internal agents for the scan, you cannot create a new Login Sequence Record (LSR) or Business Logic Record. However, you can import them. For further information about recording and downloading an LSR, refer to the Standalone login sequence recorder overview. |
Prerequisites
System requirements
- At least 2-core CPU 64bit processor
- Dedicated memory: minimum of 2 GB RAM
- At least 50GB of HDD
Access requirements
- Ensure Docker Desktop is installed on your host OS by verifying with the command 'docker -v' in Terminal. If version information is displayed, you're all set. Otherwise, refer to the Docker support documentation for installation guidance.
- Administrator privileges for command execution.
- Invicti Platform Administrator role.
Whitelisting requirements
If you are running multiple concurrent scans with internal agents, your RAM and CPU need to be exponentially greater than the specified installation requirements.
Any additional concurrent scan requires +2 GB RAM and + a 1-core. |
Steps to install an internal agent using Docker
- Select Scans > Agents from the left-side menu.
- Click Agent Installation Instructions.
- Select Docker.
- Enter a name for your internal agent.
- Copy the command from Step 3 in the Agent Installation Instructions.
- Open Terminal, paste, and execute the command copied from the Agent Installation Instructions.
Below is a table detailing the parameters necessary to configure a Docker container for installing an internal agent.
Parameter | Description |
-d | This indicates detached mode, allowing the container to operate in the background. |
--name | Assigns a name to the container. |
--url | Specifies the Invicti URL. |
--agentname | Defines the agent name in the Invicti UI, changeable later. If installing multiple agent instances, assign a unique agent name for each instance. (Max 50 characters) |
--registration-token | Obtain from Invicti Scans > Agents > Agent Installation > Docker > Your registration token is displayed in Step 2: Get your token. |
Your internal agent is successfully installed. Access the Invicti Agents page to view and manage your internal agents.
You can now assign targets to the installed internal agent and commence testing your website.
Troubleshooting
To troubleshoot issues, review the Docker log and host terminal. For further assistance, contact our Support team.