Support
Getting Started

Installing Invicti Enterprise On-Premises in Silent Mode

This document is for:
Invicti Enterprise On-Premises

You can install the Invicti Enterprise web application server and agent in silent mode.

  • Silent mode lets you run the installation without user interactionand no user interface is displayed.
  • You can define an installation configuration only once to streamline the process.

This article explains how to install the web application server and the agent in silent mode.

For instructions to perform manual installation and configuration, refer to Configuring the Invicti Enterprise Web Application Server using the Installation Wizard.

NOTE: You will need administrator permissions to run the installation in silent mode.

Prerequisites

This section lists the minimum requirements for installing the Invicti Enterprise web application server and agent in silent mode.

IMPORTANT: Some antivirus or anti-malware software may prevent Invicti Enterprise On-Premises from working or cause it to run very slowly. To ensure you can use Invicti On-Premises effectively, we recommend adding Invicti files and folders to your antivirus (or other protection scanning software) exception list (also known as a 'whitelist' or 'allow-list').

For more information about the Invicti files and folders we recommend excluding from your antivirus software, refer to Excluding Invicti files from antivirus scans.

Server Requirement

  • Change the Server Authentication method to SQL Server and Windows Authentication mode.

Database Requirement

  • Create a new database.

Required Access

  • A user must have a database owner role for the database created.

Installing the Invicti Enterprise Web Application Server

You can install the web application server in silent mode either by using a JSON file or with a Windows PowerShell Script.

How to install the Invicti Enterprise Web Application Server with JSON

  1. Copy the following script into a text editor and save it as silent_mode_settings.json.

{

  "DatabaseSettings": {

    "Server": ".",

    "Catalog": "InvictiDatabase",

    "IntegratedSecurity": false,

    "UserId": "DbPass",

    "Password": "user-password",

    "MaxPoolSize": 500,

    "Encrypt": false

  },

 "EncryptionSettings": {

    "SecretKey": "",

  },

  "AccountSettings": {

    "Name": "Invicti Silent Mode User",

    "Email": "silent_installation_user@invicti.com",

    "Password": "p@$$w0rd_2020_Silent_Mode",

    "ConfirmPassword": "p@$$w0rd_2020_Silent_Mode",

    "TimezoneId": "America/New_York",

    "IsAgreementsAccepted": true

  },

  "GeneralSettings": {

    "General": {

      "ServerRootUrl": "http://localhost",

      "UpdateServerUrl": "https://www.netsparker.com/",

      "EnableServiceDiscovery": true,

      "RadarRootUrl": "https://services.netsparker.cloud/",

      "ScanDataPath": "~/App_Data/ScanData/",

      "ScreenshotsPath": "~/Content/images/screenshots/",

      "MaxUploadedFileSize": 10,

      "SalesContactMail": "sales@companydomain.com",

      "SupportContactMail": "support@companydomain.com",

      "BlueGreenDeploymentEnabled": false,

      "IsAgentSelectionEnabled": true,

 "AgentInactivityTimeoutInMinutes": 60,

"HawkUrlEnabled": false, // if false, the default Hawk URL will be in use. Change false to enabled to add your own Hawk URL

        "HawkUrl": "https://r87.me OR enter your custom Hawk URL",

        "HawkUrlUpdateAll": true //If true, both default and custom scan policies are updated with your custom Hawk URL. If false, only the default scan policies are updated with your custom Hawk URL.

    },

    "Security": {

      "AllowedHostControlEnabled": false,

      "LocalhostScanEnabled": false,

      "IpAddresses": [

        {

          "Group": "Infrastructure",

          "Name": "Company Production",

          "Pattern": "^55.86.178.211$"

        },

        {

          "Group": "Proxy",

          "Name": "Local IIS (IPv4)",

          "Pattern": "^127.0.0.1$"

        },

        {

          "Group": "Proxy",

          "Name": "Local IIS (IPv6)",

          "Pattern": "^::1$"

        }

      ]

    }

  },

  "CloudSettings": {

    "Enabled": false,

    "ProviderType": "AWS",

    "WebsiteAccessKey": "Your Access Key",

    "WebsiteSecretKey": "Your Website Key",

    "AgentAccessKey": "Agent Access Key",

    "AgentSecretKey": "Agent Secret Key",

    "DeploymentBucketName": "Sample.Bucket.Deployment.Name/Sample.Name",

    "RegionEndpointName": "eu-west-128",

    "ScanDataBucketName": "Sample.Bucket.ScanData.Name",

    "ScreenshotBucketName": "Sample.Bucket.Screenshot.Name",

    "AgentBucketName": "Sample.Bucket.Agent.Name",

    "CustomizationsBucketName": "Sample.Bucket.Customization.Name",

    "Ec2AgentImageId": "ami-1a2b3c4d5e6f7g8h",

    "Ec2LinuxAgentImageId": "ami-1a2b3c4d5e6f7g8h",

    "Ec2AgentInstanceAssignedName": "Agent Service",

    "Ec2AgentInstanceSecurityGroup": "sg-sample123",

    "Ec2AgentInstanceType": "m5.xlarge",

    "Ec2AgentSubnetId": "subnet-123456",

    "Ec2KeyPairName": "SampleKeyPair"

  },

  "ScannerAgentSettings": {

    "SkipInstallation": true,

    "AccessToken": "Your Access Token"

  },

  "AuthenticationVerifierSettings": {

    "InstallAuthVerifier": false,

    "AccessToken": "Your Access Token",

    "AVServiceUrl": "http://localhost:5000/authverificationhub"

 },

  "EmailSettings": {

    "Enabled": false,

    "Host": "Host Information",

    "Port": 587,

    "UserName": "Your Username",

    "Password": "Your Password",

    "EnableEncryption": false,

    "AdminNotificationSender": "support@companydomain.com",

    "AdminNotificationRecipients": "support@companydomain.com",

    "ErrorNotificationRecipients": "support@companydomain.com",

    "SupportNotificationRecipients": "support@companydomain.com"

  },

  "SmsSettings": {

    "SmsEnabled": false,

    "AccountId": "Your Account ID",

    "AuthToken": "Your Auth Token",

    "PhoneNumber": "",

    "TestPhoneNumber": ""

  }

}

IMPORTANT: Ensure that you have entered the correct information into the JSON file so that the installation proceeds as expected.

Your password must be between 15-256 characters and must contain lowercase/uppercase letters, digits, and special characters.

  1. Open a command prompt window.
  2. Use cd to navigate to the directory containing WebAppSetup.exe.
  3. Run WebAppSetup.exe /exenoui /qn /L*V "silent-install.log". Wait for some time for the installation to complete.

TIP: To install the Invicti Enterprise Web Application Server to a different location, for example D:, use the following: WebAppSetup.exe /Q APPDIR="D:\Invicti Enterprise Web Application" /L*V "install-log.log"

  1. Copy, paste, and rename files as follows:
  1. Copy and paste the license file, which you were supplied, to the AppData folder in the Web Application installation folder.
  2. Rename the license file as "license.nsc".
  3. Copy and paste the silent mode settings file to the AppData folder in the Web Application installation folder.
  4. Rename the file as "silent_mode_settings.json".

  1. Open a command prompt window and run the following commands to restart the Invicti Enterprise Web Application.
  • cd %systemroot%\system32\inetsrv\
  • appcmd stop site /site.name:NetsparkerCloud
  • appcmd start site /site.name:NetsparkerCloud

IMPORTANT: This installation creates a secret_key.json file in the App_Data folder. After the installation, copy and store your secret key, then delete the secret_key.json file for your security.

How to install the Invicti Enterprise Web Application Server with PowerShell Script

  1. Create the silent_mode_settings.json file as instructed in the section above: How to install the Invicti Enterprise Web Application Server with JSON.  
  2. Copy the following script into a text editor and save it as silent-mode-installation.ps1.

NOTE: These instructions assume that ou installed the Invicti Enterprise Web Application to the default folder. If you did not install to the default folder, please change the relevant step in the PowerShell script accordingly.

# Go to the installation file path and run WebAppsetup.exe

$process = Start-Process -FilePath ./WebAppSetup.exe -ArgumentList "/exenoui /qn" -PassThru

for($i = 0; $i -le 100; $i = ($i + 1) % 100)

{

    Write-Progress -Activity "Invicti Enterprise Installer" -PercentComplete $i -Status "Installing"

    Start-Sleep -Milliseconds 100

    if ($process.HasExited) {

        Write-Progress -Activity "Installer" -Completed

        break

    }

}

Write-Host "Installing finished."

# Go to the license file source path and copy the file destination path

Write-Host "License file copy started."

Copy-Item "license.nsc" "C:\Program Files (x86)\Invicti Enterprise Web Application\App_Data"

Write-Host "License file copy finished."

# Go to the silent mode settings file source path and copy the file destination path

Write-Host "Silent mode settings file copy started."

Copy-Item "silent_mode_settings.json" "C:\Program Files (x86)\Invicti Enterprise Web Application\App_Data"

Write-Host "Silent mode settings file copy finished."

# Site restart on IIS

Stop-WebSite 'NetsparkerCloud'

Start-WebSite 'NetsparkerCloud'

  1. Open a Windows PowerShell window.
  2. Use cd to navigate to the directory containing the silent-mode-installation.ps1 file.
  3. Run .\silent-mode-installation.ps1

The PowerShell script installs the web application server and restarts the Invicti Enterprise Web Application.

IMPORTANT: This installation creates a secret_key.json file in the App_Data folder. After the installation, copy and store your secret key, then delete the secret_key.json file for your security.

Installing the Invicti Enterprise Agent in Silent Mode

Silent mode installation in Invicti Enterprise On-Premises helps you to install the Agent. For the manual installation instructions, refer to Installing the Invicti Enterprise Agent.

This table explains the parameters used in the silent mode installation for the Invicti Enterprise Agent.

Parameter

Description

/exenoui /qn

This parameter performs the silent installation without the user interface.

APPDIR

This parameter shows the location of the Agent.

APP_URL_PROP

This parameter shows the URL of the Web Application Server.

API_TOKEN_PROP

This parameter displays the API Token.

AGENT_NAME_PROP

This parameter displays the name of the Agent.

How to install the Invicti Enterprise Agent in Silent Mode

  1. Open a command prompt window.
  2. Run the following command:

AgentSetup.exe /exenoui /qn APPDIR="C:\Invicti Enterprise Agent" APP_URL_PROP="https://localhost/" APP_TOKEN_PROP="YOUR_TOKEN” AGENT_NAME_PROP="YOUR_AGENT_NAME"

Updating the Invicti Enterprise Web Application Server and Agent

To update the web application server or agent using silent installation mode, follow the installation instructions contained in this article.

NOTE: To update, you do not need to create a new database or a new user. Before updating, make sure you enter the Secret Key, if any, into the JSON file.

Troubleshooting

If you encounter any problems during silent mode installation, check the log files in the AppData folder. If the problem persists, submit a ticket through our Help Center.

« Back to the Invicti Support Page