Managing Discovery Service in Invicti Enterprise
The Discovered Websites window displays and lets you manage all websites Invicti has discovered:
- You can filter results in each of the columns. Basic operations like ignore, create website, and blacklist can also be performed here for some parameters.
- The Status column's default filter is set to New so that newly discovered websites are displayed. This window then operates like a To-Do list. We recommend that you keep on top of this list, and process discovered items, by creating or excluding each discovered website every time you log in.
All users with Manage Websites permission can view Discovered Websites and configure Service Discovery Settings.
This topic explains how to manage the Discovery Service in Invicti Enterprise. For further information on the Discovery Service, see Application and Service Discovery.
Discovered Websites Fields
This table lists and explains the panels in the Discovered Websites window.
| Field | Description |
| --- | --- |
| Authority | This is the hostname or IP address and port number for a server. |
| IP Address | This is the IP address of the website. |
| Top-Level Domain | The TLD refers to the last segment of a domain name, or the part that follows immediately after the dot (.) symbol. |
| Second Level Domain | A second-level domain is a domain that is directly below a top-level domain (TLD). |
| Organization Name | This is the name of the organization that is registered as the owner of the website. |
| Status | This is the status of the website. The options are: |
| Tags | This column displays the tags you added to the discovered website. For further information, see Tagging discovered websites in Invicti Enterprise. |
| Discovered Date | This column displays when Invicti first discovered your web asset. You can filter results based on the date range. This is only available on the Invicti Enterprise On-Demand. |
Filtering
Filters enable you to find discovered websites that match given criteria.
How to Filter Your List of Discovered Websites
- In the Discovered Websites window, select the filter button next to any column header. The filter dialog is displayed.
- Select to clear all fields.
- Add a New Filter if necessary (see How to Add a New Filter).
- In the relevant field, where relevant:
  - From the Field drop-down, select an option
  - From the Operator drop-down, select an option
  - In the Value field, enter a value
- Select Apply. The list is filtered by the selected criteria.
How to Add a New Filter
- In the Discovered Websites window, select the filter button above the Discovered Websites field next to any column header.
- In the filter dialog, select New Filter.
- Configure as required.
How to Filter Using Faceted Search
You can also filter the list of Discovered Websites using a faceted search. Click the number next to the IP Address, Second Level Domain, Top Level Domain, or Organization Name in any row to filter on that criterion.
The list will display only websites that fit the criteria you've clicked on.
Service Discovery Settings
In this window, you can configure the settings that determine how the Discovered Websites list searches for online resources.
The discovery process uses specific parameters to suggest websites:
- IP Address or IP Range
- Second Level Domain (SLD)
- Top-Level Domain (TLD)
- Organization Name
You can extend or narrow the results using these parameters, for example:
- You can select to detect all websites that have SLD invicti
- You can select to detect all websites that have TLD .gov
The Service Discovery Settings window has eight tabs. Each is outlined below.
Match Settings
This table lists and explains the sections in the Match Settings tab. They are all enabled by default.
| Setting | Description |
| --- | --- |
| Email Matching | Enable to use your account's email address second-level domain as a matching option. |
| Website Matching | Enable to use your added website's second-level domain as a matching option. The website matching option has a limit of 32 websites. |
| Only Registered Domains | Enable to exclude web services that do not have a publicly available DNS record. |
| Reverse IP Lookup | Enable to take the IP address pointing to a web server and search for other sites known to be hosted on the same web server. |
| Organization Name Matching | Enable to conduct another scan via the Organization Names extracted from the result set’s TLS certificates. |
Second-Level Domains
This tab lists the addresses that are below the top-level domains. A second-level domain is a domain that is directly below a top-level domain (TLD). For example, in example.com, 'example' is the second-level domain of the .com TLD.
Organizations
This tab lists the organization name (listed in the certificate's organization name fields or the website's copyright section) for each website or service that you want included in your Discovered Websites list.
IP Addresses
This tab lists the IP addresses and IP ranges for each website or service that you want included in your Discovered Websites list.
Excluded Second-Level Domains
This tab lists the second-level domains for each website or service that you want excluded from your Discovered Websites list.
Excluded Top Level Domains
This tab lists the top-level domains for each website or service that you want excluded from your Discovered Websites list. The TLD refers to the last segment of a domain name, or the part that follows immediately after the dot (.) symbol.
Excluded Organizational Names
This tab lists the names of the organizations whose websites should be excluded from the service.
Excluded IP Addresses
This tab lists the IP Addresses whose websites you would like excluded from the Discovered Websites list.
How to Configure Service Discovery Settings
- Log in to Invicti Enterprise.
- From the main menu, click Discovery > Settings.
- Configure the settings as explained in the table above.
- Select Save & Recrawl.
Discovery API
You can use API endpoints that enable you to ignore some of the discovered websites or change your discovery settings.
They perform other functions as well. For example, if you want to access the data as JSON or XML, you can use the API endpoints. You can then feed this data to other applications programmatically.
Please note that API endpoints have limited use for the operations on UI pages. For instance, you can use many filter operators on the UI but API requests only support the ‘Equal’ filter operator.
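Because API requests support only the ‘Equal’ operator, any richer Field / Operator / Value filtering has to be applied client-side to the data the API returns. The sketch below is an added example, not Invicti code: it derives the second-level and top-level domain from the Authority using the definitions on this page and applies filter triples to a list of records. The record field names, the operator names other than Equal, and the sample data are assumptions made for illustration, and the domain split does not handle multi-label suffixes such as co.uk.

```python
import ipaddress

# Constructed sample records. Field names mirror the Discovered Websites
# columns and are assumptions, not the real API schema; "Ignored" is a
# placeholder status value.
SAMPLE = [
    {"Authority": "shop.example.com:443", "IpAddress": "203.0.113.10", "Status": "New"},
    {"Authority": "dev.example.org:8443", "IpAddress": "203.0.113.77", "Status": "New"},
    {"Authority": "198.51.100.5:80", "IpAddress": "198.51.100.5", "Status": "New"},
    {"Authority": "old.example.com:80", "IpAddress": "192.0.2.20", "Status": "Ignored"},
]

def split_authority(authority):
    """Return (host, sld, tld) using the page's definitions: the TLD is the
    last label and the SLD the label directly below it. IP hosts have neither."""
    host = authority.rsplit(":", 1)[0].lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return host, None, None
    except ValueError:
        pass
    labels = host.split(".")
    return host, (labels[-2] if len(labels) > 1 else None), labels[-1]

def in_range(value, cidr):
    net = ipaddress.ip_network(cidr)  # a malformed range should fail loudly
    try:
        return ipaddress.ip_address(value) in net
    except ValueError:
        return False  # record carries no usable IP address

# Hypothetical operator names; only "Equal" is named on the page.
OPERATORS = {
    "equal": lambda v, arg: v == arg,
    "contains": lambda v, arg: arg in v,
    "starts_with": lambda v, arg: v.startswith(arg),
    "in_range": in_range,
}

def apply_filters(records, filters):
    """Keep records that satisfy every (field, operator, value) triple."""
    kept = []
    for rec in records:
        _, sld, tld = split_authority(rec["Authority"])
        row = {**rec, "SecondLevelDomain": sld or "", "TopLevelDomain": tld or ""}
        if all(OPERATORS[op](row.get(f, ""), val) for f, op, val in filters):
            kept.append(rec)
    return kept
```

For example, `apply_filters(SAMPLE, [("Status", "equal", "New"), ("IpAddress", "in_range", "203.0.113.0/24")])` returns the new entries inside one address range, which is the kind of triage the To-Do style list is meant to support.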