Our [authenticated] web-app scanner is built exclusively for web-apps and the servers that host them, focusing primarily on the web-apps' functionality and the configuration of services running on it.
For example, if...
π a web-app features a web form that queries an SQL Database, itβd be checked for SQL Injection
π a web server has an outdated version of SSL or PHP, we'll flag it
To benefit from the web-app scanner, you'll need to purchase an Authentication Licence which you can purchase from the Billing Page.
What if my app doesn't require authentication?
You can still use the [authenticated] web-app scanner, you just need to make sure you provide dummy credentials so the web-app scanner is activated when the scan starts.
The steps to do this can be seen below:
1. Find the target in the Targets page and click into its Target Detail Page:
2. Click the Authentications tab and click Add Authentication
3. Select Header Authentication and enter the following credentials:
Name: Unauthenticated
Entrypoint URL: The URL of the target e.g.
https://testphp.vulnweb.comHeader Name:
X-Auth-TokenHeader Value:
Bearer Tm90IGEgdmFsaWQgYXV0aCB0b2tlbg==
4. Hit 'Save authentication'.
Now, whenever you kick-off a scan on this target, it will be checked for all the usual infrastructure checks conducted by the underlying scanning engine (openVAS for Essential users and Tenable for Pro, Premium and Vanguard), plus checks from our web-app scanner.