Support
Invicti Standard Options

Invicti Assistant

This document is for:
Invicti Standard

Invicti Assistant in Invicti Standard is a smart scan assistant that guides you through a scan. Its main role is to detect scan configuration anomalies and provide you with detailed information, displayed in the Invicti Assistant notification panel, so that you can change those configurations. Most notifications contain action buttons to enable you to navigate through related scan settings or to fix the issue right away on demand.

In addition, Invicti Assistant also incorporates a real-time implementation of the Scan Policy Optimizer, which iteratively creates an optimized version of the current Scan Policy as it detects technologies on the target website. By default, this real-time optimizer notifies you when an optimized policy is created by Invicti Assistant, at which point you can switch to the optimized policy.

Configuring Invicti Assistant

You can both enable and set the Notification Level for Invicti Assistant from Options.

Notification Levels

This table lists and describes the Notification Levels in Invicti Assistant. The most severe Notification Level is Error and the least serious is Information.

Field

Description

Error

This is a severe situation that may prevent Invicti from performing in the optimal way.

Warning

This generally indicates a misconfigured scan setting that may result in a reduction in scan coverage. Warning also includes Error.

Best Practice

This is a strongly recommended scan or application configuration change that may improve the overall Invicti experience. Best Practice also includes Warning and Error.

Questions

This is a mild direction on any scan related parameter or configuration, expressed as a question. Question also includes Best Practice, Warning and Error.

Information

This is an informational feedback message about an occurring event that is worth mentioning. Information also includes Question, Best Practice, Warning and Error.

How to Configure Invicti Assistant

  1. Open Invicti Standard.
  2. In the Home tab, select Options Invicti Assistant
  3. In the Invicti Assistant panel, deselect the Enable Invicti Assistant checkbox to disable Invicti Assistant.
  4. Configure the Notification Level slide as required.
    • Configuring this slide will limit the Invicti Assistant notifications to the lowest notification level set. For example, you won't be receiving any Information level notifications when the slider configuration is set to ‘Best Practice, Warning, Error’. (For further information on this, see Invicti Assistant Notification Levels.)
  5. Click Save.

Viewing and Using Invicti Assistant

The Invicti Assistant panel is displayed on the right-hand side of the Invicti Standard window.

How to View the Invicti Assistant Panel

  1. Open Invicti Standard.
  2. While a scan is running, on the top right of the title bar, select the Invicti Assistant flag icon (). The Knowledge Base panel is hidden, and the Invicti Assistant panel is displayed in its place.
  3. As scan configuration issues are detected, they are displayed in the Invicti Assistant panel. And the title bar icon changes color () and displays the number of issues.
  4. Select the Close icon () to close the Invicti Assistant panel. Select title bar's Invicti Assistant flag icon to display it again.

How to Use Invicti Assistant to Change Configurations

  1. While a scan is running, detected scan configuration anomalies are displayed in the Invicti Assistant panel. (In the first item in this sample screenshot, 'Maximum Signature Exceeded', there are two buttons, representing two possible configuration changes: Increase Maximum and Set up Parameter Based Navigation.)
  2. In this example, clicking on Set up Parameter Based Navigation opens the Scan Policy Editor dialog, at the Parameter-Based Navigation.

  1. Configure the settings as required.

Configuring the Assistant Optimizer

Invicti Assistant may need to modify or alter your current Scan Policy in order to fix detected scan configuration anomalies. This optimization is an iterative process. When Invicti Assistant determines that the current Scan Policy requires optimization, it will continue to optimize and improve the policy.

Invicti Assistant will create a copy of the currently selected Scan Policy and rename it according to the change it recommends:

  • When you take an automatic action on a notification, you will notice '(Adjusted by Assistant)' is appended to the name of the policy.
  • Likewise, the Assistant Optimizer will clone the policy and append its name with '(Optimized by Assistant)'.
  • By design, Invicti Assistant avoids creating too many Scan Policies. During a scan session, Invicti Assistant uses a single Scan Policy. When a Scan Policy is optimized and then adjusted by the Assistant Optimizer, you will notice that the separate changes are merged into, and handled by, a single Scan Policy, whose name is appended with '(Optimized and Adjusted by Assistant)'.

Invicti Assistant gathers the detected technologies from the Signatures security check, configured in the Scan Policy Editor, until it decides the gathered data is enough to trigger an optimization iteration. It then optimizes the current Scan Policy.

At some later point of the Attacking phase, an SQL Injection check detects the database server on which the target website is running. At this point, Invicti Assistant will be updated and run a second iteration of optimization.

If Invicti has already switched to the optimized policy in the first iteration, this second iteration of the optimization won't take effect in the current scan session. These changes will only take effect in a new scan.

For best results, we recommend that you do both actions before running a scan:

  • Configure the Assistant Optimizer
  • Signature Security Checks

For further information, see How to Configure the Invicti Assistant Scan Policy Optimizer.

How to Configure the Invicti Assistant Scan Policy Optimizer

  1. Open Invicti Standard.
  2. In the Home tab, select Options Invicti Assistant
  3. Select the Enable Assistant Scan Policy Optimizer option.
  4. Select the Auto switch to optimized Scan Policy option.

  1. Select Save.

Disabling Invicti Assistant will also disable the Assistant Optimizer, regardless of Assistant Optimizer's configured Settings.

How to Configure the Signatures Security Check Group

  1. Open the Scan Policy Editor.
  2. Follow the instructions in How to Configure a New Scan Policy in Invicti Standard.
  3. Enable the Signatures security check. 

  1. Assistant Optimizer uses any technologies detected by the Signatures check (and SQL Injection checks) to optimize your Scan Policy. These detected technologies can be viewed in the Site Profile node of the Knowledge Base.