Support
Scans

Configuring Scan Profiles in Invicti Standard

This document is for:
Invicti Standard

As you launch web application security scans in Invicti Standard, you can configure the scan settings manually. But, since many scans are necessary, it would be inefficient to manually configure the same settings each time. Scan Profiles enable you to save scan settings for future scans. Scan Profiles can be reconfigured at any time.

These are the scan settings you can add to a Scan Profile:

  • Target URL
  • Scan Policy
  • Report Policy
  • Custom Cookies
  • Crawling Information
  • Scan Scope and Excluded URLs
  • Additional Websites
  • Imported Links
  • URL Rewrite
  • Pre-request Scripts
  • Authentication Settings
  • Scan Tags

NOTE: Scan Profiles apply only to single website scans. They cannot be used for group or multiple website scans.

In Invicti Standard, when you configure scan settings in the Start a New Website or Web Service Scan dialog, the tab in which the changes are made is marked as bold and underlined for reference (e.g. General). This is also useful when you load a Scan Profile. You can quickly see which tabs contain modified settings.

For more information on each scan setting, refer to Invicti Standard New Scan Fields and Invicti Standard Scan Options Fields.

How to create a new Scan Profile

  1. Open Invicti Standard.
  2. From the ribbon, click Home, then New. The Start a New Website or New Service Scan dialog will then appear.
  3. Configure the scan settings as explained in Invicti Standard New Scan Fields and Invicti Standard Scan Options Fields.
  4. In the Target Website or Web Service URL panel, click the scan profile dropdown (it will display Default on first use, or Previous Settings).

  1. Click Save as New Profile. The Save Profile As dialog is displayed.

  1. In the Profile Name field, enter a name, and click Save.

How to load a saved Scan Profile

  1. Open Invicti Standard.
  2. From the ribbon, click Home, then New. The Start a New Website or New Service Scan dialog will then appear.
  3. From the Target Website or Web Service URL panel, click Previous Settings.

  1. Select the Scan Profile you want to use.
  2. From the button dropdown, click the downward arrow, and click Start Scan.

How to change the Scan Settings in a Scan Profile

  1. Open Invicti Standard.
  2. From the ribbon, click Home, then New. The Start a New Website or New Service Scan dialog will then appear.
  3. In the Target Website or Web Service URL panel, click Previous Settings.

  1. Select the name of the Scan Profile you want to change.
  2. Configure the settings as required.
  3. From the Previous Settings dropdown, click Save Profile.

Default Scan Profiles in Invicti Standard

The Invicti Standard web security scanner has two built-in Scan Profiles, the Default and the Previous Settings.

  • The Default Scan Profile has the default configuration.
  • The Previous Settings built-in Scan Profile is used by the scanner to save the settings of the Scan Profile used in the previous scan. Even if you used a saved Scan Profile in a previous scan, its settings will be saved in the Previous Setting Scan Profile.

Managing Scan Profiles in Invicti Standard

Invicti Standard Scan Profiles are saved as XML files in the following location:

%USERPROFILE%\Documents\Invicti\Profiles

From this location, you can delete or back up your Scan Profiles