Yes, absolutely.
But it's important that you set up your targets in Intruder's portal in the right way to ensure that our scanning engines can correctly reach the intended target (website and/or the underlying server).
What do I add as a target?
π I only want to scan the website / web-application
All you need to do is add the domain
π I want to scan the underlying server
You will need to add the IP address of the server.
π I want to scan both the website and underlying server
You would need to add both the domain name and the IP address. This will require two licenses.
How do I avoid scan interference?
You'll want to make sure our scanning IPs are added to your allowlist in Cloudflare.
Does this affect my network view?
Cloudflare can sometimes interfere with network view β which is where we show you which ports and services you have open to the internet βΒ and so we've outlined the expected behaviour below.
Domains behind Cloudflare
Whenever you scan a domain, the scanner will automatically look for the IP address that it resolves to. This IP address will belong to the CDN if there is one in place.
You'll notice in your Network view that we flag CDNs and comment "we are limiting results for this target as it is part of a CDN". If we didn't, your portal would be populated with the network findings of the CDN and not your own environment, which isn't of interest to you (and could get confusing).
β
IP addresses behind Cloudflare
If you add the IP address the scanner will reach out to that IP address directly and report any open ports as normal: