Attack Possibilities is a list of the possible number of attacks per engine that Invicti Standard might carry out.
As a web security scanner, Invicti Standard crawls the website by visiting every link detected and carries out attacks on all resources. This process varies based on the complexity and size of the target web application.
Invicti Standard collects attack possibilities information via attack engines when it scans the target web application. That information is calculated based on the number of parameters present for each link. These parameters are used as estimates to inform users about scan progress.
Invicti forms Knowledge Base nodes on its findings. If the Attack Possibilities node is not listed, it means that Invicti did not find any.
The default value of Attack Possibilities is 'False'. To access the Attack Possibilities node in the Invicti Standard, you must set it to 'True' (see Advanced Options).
For further information, see Knowledge Base Nodes.
How to View the Attack Possibilities Node in Invicti Standard
- Open Invicti Standard.
- Start a scan or open a previously saved scan.
- The Knowledge Base is displayed on the right of the Scan Summary Dashboard. (If it is hidden, display it again using the Knowledge Base icon on the View tab on the ribbon. Alternatively, click the Reset Layout icon on the View tab, then close the Activity/Progress/Logs panes to give maximum viewing space.)
- Ensure that the Knowledge Base Viewer is also displayed. (If it is hidden, you can display it again using the Knowledge Base Viewer button on the View tab. You may also want to close the Activity/Progress/Logs panes.)
- Click the Attack Possibilities node in the Knowledge Base. All detected Attack Possibilities are displayed in the Knowledge Base Viewer.