Yes, absolutely.

But it's important that you set up your targets in Intruder's portal in the right way to ensure that our scanning engines can correctly reach both your website and the underlying server.

What do I add as a target?

👉 I only want to scan the website / web-application

All you need to do is add the domain*

👉 I want to scan the underlying server

You will need to add the IP address of the server.

👉 I want to scan both the website and underlying server

You would need to add both the domain name and the IP address. This will require two license.

How do I whitelist to avoid scan interference?

You'll want to make sure our scanning IPs are whitelisted in Cloudflare.

Network view

* Please note – if you add the domain for a target behind Cloudflare then you won't be able to see any network data for that domain. You see, when you scan a domain the scanner will automatically look for the IP address that it resolves to – which in this instance will belong to Cloudflare – and so the network results would be in reference to Cloudflare's infrastructure and not your own. It's for this reason, that we deliberately omit them.

If you add the IP address however, then you'll see network results for the underlying server.

Did this answer your question?