Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
In Security Last updated: November 20, 2022
Share on:
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

Scan Web Applications for SQLI, RXSS, LFI, RFI, CRLF and 25+ more with Invicti Cloud Scanner

Your website security is essential to your online business. Having misconfiguration or not properly hardened your web/application servers can put your web applications at risk.

Thousands of websites get hacked every day and recent research by Invicti shows the top 3 most popular vulnerabilities are XSS, SQL Injection & File Inclusion.


As a website owner or security administrator, you should explore all options to ensure your online business is secure from hackers to avoid business loss and reputation.

In this article, I will explain how you could use the Invicti cloud to scan your website for security vulnerabilities so you can take action before someone else find it.

Following abbreviations are used below: –

  • SQLI – SQL Injection
  • RXSS – Remote Cross-Site Scripting
  • XSS – Cross-Site Scripting
  • LFI – Local File Inclusion
  • RFI – Remote File Inclusion
  • CRLF – Carriage Return and Line Feed

Let’s get it started…

Create either a TRIAL account or send an email to if you are working on Open Source Project.

Once your account is ready, log in with your credential to Invicti Cloud. You will get the beautiful dashboard to set up your web URL to start the scan

  • Click on Scans >> New Scan at the left navigation
  • Enter your website details and click no Save
  • You will need to verify the ownership to avoid the abuse. You may either verify using Email, File upload, HTML tag, or DNS record.
  • Choose the verification method you prefer and click on verify
  • On next window, you will be given an option to configure the scan
  • Go through them and select the one you prefer.
  • Important to select the scope whether you want to scan only entered URL or the whole domain.
  • Once you are done with the configuration, click on Launch
  • Next screen, you will see the scan progress.

Time to take a coffee 🙂

Meanwhile, you can check out some other FREE Online Security Vulnerability Scanner.

Once the scan is started, an email with a link of will also notifies you “scan status view”. So don’t worry if you close the browser. You can always check your email and go to a status page.

  • The scan may take a few hours if you have selected to scan “Whole site” so keep patience. Once a scan is done, an email will notify you.
  • Upon login, you will also see those details in the nice dashboard with severities, vulnerabilities for you to take action.

You can also export the report by following in XML, CSV, PDF, or HTML format.

  • Detailed Scan Report
  • Vulnerabilities List
  • Crawled URLs
  • Scanned URLs

Here is how the executive summary looks like.


Not good, I got to fix them shortly.

How about you? Haven’t you done the scanning yet, go ahead and explore the vulnerabilities and fix them before bad guys find and make your website unavailable?

  • Chandan Kumar
    Chandan Kumar is the founder of Geekflare. He’s helped millions to excel in the digital realm. Passionate about technology, He’s on a mission to explore the world and amplify growth for professionals and businesses.
Thanks to our Sponsors
More great readings on Security
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.
    Try Monday
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder