Out of Scope Links are those links that are excluded from a scan in the Scan Scope settings.
Invicti aims to crawl every part of the target web application and collate links it finds. It then attacks these links to identify vulnerable points.
However, Invicti still allows you to determine the scope of the scan:
- You can decide to exclude a part of the web application from the scan to determine the scan scope.
- In addition, Invicti excludes URLs with image files, advertising networks, and links discovered by the scanner after the link pool limit exceeded.
To inform you which part of the target web application remains uncrawled, the scanner provides a list of those pages.
You can access this information under the Knowledge Base panel in Invicti Standard and Invicti Enterprise. This information enables you to fine-tune your scan settings if you want Invicti to scan these web pages in subsequent scans.
Once the scan is completed, all out of scope Links are listed under the Out of Scope node in the Knowledge Base. You can access the same information in the Knowledge Base Report and Knowledge Base Tab.
Invicti forms Knowledge Base nodes on its findings. If the Out of Scope Links node is not listed, it means that Invicti did not find any.
For further information, see Knowledge Base Nodes.
How to View the Out of Scope Links Node in Invicti Enterprise
- Log in to Invicti Enterprise.
- From the main menu, click Scans, then Recent Scans. The Recent Scans window is displayed.
- Next to the relevant website, click Report.
- From the Technical Report section, click the Knowledge Base tab.
- Click the Out of Scope Links node. The information is displayed in an Out of Scope Links tab.
How to View the Out of Scope Links Node in Invicti Standard
- Open Invicti Standard
- Start a Scan or Import a previously saved scan.
- The Knowledge Base is displayed on the right of the Scan Summary Dashboard. (If it is hidden, display it again using the Knowledge Base icon on the View tab on the ribbon. Alternatively, click the Reset Layout icon on the View tab, then close the Activity/Progress/Logs panes to give maximum viewing space.)
- Ensure that the Knowledge Base Viewer is also displayed. (If it is hidden, you can display it again using the Knowledge Base Viewer button on the View tab. You may also want to close the Activity/Progress/Logs panes.)
- Click the Out of Scope Links node in the Knowledge Base. All detected Out of Scope Links are displayed in the Knowledge Base Viewer.