Application Security Platform
Definitions and overview

What is target

This document is for:
Invicti Platform

A target in Invicti Platform refers to any web asset you want to scan for security vulnerabilities—this includes websites, APIs, web applications, servers, and network devices. To perform a security scan, you must first add the asset as a target. Typically, one target license is required per domain or web application.

Licensing rules for targets

When determining how targets are counted for licensing, the following rules apply:

  • localhost and 127.0.0.1 each consume 1 target
  • example.com and www.example.com together count as 1 target
  • The protocol (http vs. https) does not affect target count—1 target
  • Subdomains are considered separate targets:
    e.g.,
    www.example.com and api.example.com = 2 targets
  • Different paths within the same domain count as 1 target:
    e.g.,
    example.com and example.com/blog/ = 1 target
  • Different ports for the same domain count as 1 target:
    e.g.,
    example.com:8080 and example.com:8888 = 1 target
  • Invicti test sites (e.g., vulnweb.com) do not consume any target licenses

Important:
Regardless of how target variations are configured, the total number of targets you can create is limited to five times the number of targets included in your license.


Share This Article