Scan Web Applications for SQLI, RXSS, LFI, RFI, CRLF and 25+ more with Invicti Cloud Scanner
Your website security is essential to your online business. Having misconfiguration or not properly hardened your web/application servers can put your web applications at risk.
Thousands of websites get hacked every day and recent research by Invicti shows the top 3 most popular vulnerabilities are XSS, SQL Injection & File Inclusion.
As a website owner or security administrator, you should explore all options to ensure your online business is secure from hackers to avoid business loss and reputation.
In this article, I will explain how you could use the Invicti cloud to scan your website for security vulnerabilities so you can take action before someone else find it.
Following abbreviations are used below: –
- SQLI – SQL Injection
- RXSS – Remote Cross-Site Scripting
- XSS – Cross-Site Scripting
- LFI – Local File Inclusion
- RFI – Remote File Inclusion
- CRLF – Carriage Return and Line Feed
Let’s get it started…
Once your account is ready, log in with your credential to Invicti Cloud. You will get the beautiful dashboard to set up your web URL to start the scan
- Click on Scans >> New Scan at the left navigation
- Enter your website details and click no Save
- You will need to verify the ownership to avoid the abuse. You may either verify using Email, File upload, HTML tag, or DNS record.
- Choose the verification method you prefer and click on verify
- On next window, you will be given an option to configure the scan
- Go through them and select the one you prefer.
- Important to select the scope whether you want to scan only entered URL or the whole domain.
- Once you are done with the configuration, click on Launch
- Next screen, you will see the scan progress.
Time to take a coffee 🙂
Meanwhile, you can check out some other FREE Online Security Vulnerability Scanner.
Once the scan is started, an email with a link of will also notifies you “scan status view”. So don’t worry if you close the browser. You can always check your email and go to a status page.
- The scan may take a few hours if you have selected to scan “Whole site” so keep patience. Once a scan is done, an email will notify you.
- Upon login, you will also see those details in the nice dashboard with severities, vulnerabilities for you to take action.
You can also export the report by following in XML, CSV, PDF, or HTML format.
- Detailed Scan Report
- Vulnerabilities List
- Crawled URLs
- Scanned URLs
Here is how the executive summary looks like.
Not good, I got to fix them shortly.
How about you? Haven’t you done the scanning yet, go ahead and explore the vulnerabilities and fix them before bad guys find and make your website unavailable?
More great readings on Security
Protect Your Web Applications and APIs with G-Core Labs WAFAmrita Pathak on June 10, 2022
Create an Incident Report in Minutes With These TemplatesSatish Shethi on June 6, 2022
Software Composition Analysis (SCA): Everything You Need to Know in 2022Amrita Pathak on May 26, 2022
Best On-premise Password Manager for Your Business – PassworkHitesh Sant on June 1, 2022
How to Scan and Fix Log4j Vulnerability?Amrita Pathak on May 10, 2022
How to Protect Your WordPress Site with iThemes Security ProHitesh Sant on May 7, 2022
Join Geekflare Newsletter
Every week we share trending articles and tools in our newsletter. More than 10,000 people enjoy reading, and you will love it too.