Scan dynamic URL target
For our Dynamic URL (aka ephemeral) targets, scans can only be triggered via the API or during CI/CD. They cannot be initiated from the UI with the dynamic URL.
For instructions on how to add a dynamic URL target, refer to the linked document.
All scans are associated with the same dynamic URL (ephemeral or short-lived) target, even though they are performed on different URLs. |
There are two ways to scan a dynamic URL target:
- Scan a dynamic target via API
- Using any of our CI/CD integrations - just select your ephemeral target in the Asset field.
This document walks you through triggering a scan using API through Visual Studio.
Scan a dynamic URL target via API
- Open Visual studio for example, paste in the following sample script, and amend the variables.
POST https://platform.invicti.com/api/v1/scans HTTP/1.1 |
🛠️ | Replace to following parameters:
|
- Execute the script in Visual Studio to trigger the scan via the API.
- The response then looks similar to this.
- If you navigated to the Scans > All scans page, you would see a scan starting.
- Using the scan_id, you can locate the scan in Invicti Platform.
Find what URL was used for a scan
To see what URL was used for a Dynamic URL target scan follow these steps:
- Select Scans > All scans from the left-side menu.
- Choose the scan you want to review.
- Go to the Vulnerabilities tab, select a specific vulnerability, and view the associated URL in the panel that appears on the right.