Skip to main content

Scans

A scan identifies security vulnerabilities in a target through three core components, each one with a specific job:

  • Fingerprinter - Identifies the technologies used on the target, which help further identify vulnerabilities and improve Probely’s suggestions on how to fix them.
  • Crawler - Goes through the target's URLs and interacts with every element found, clicking on buttons and filling in forms, among other actions.
  • Scanner - Finds vulnerabilities in the target's URLs provided by the Crawler, also improved by the technologies identified by the Fingerprinter.

The scope of the scan is determined by the target, as well as the behavior of the scan, such as authentication options, extra hosts, scanning profiles, and others. While scanning, vulnerabilities identified by the scanner produce findings that become associated with the target.

Learn more about scans in What happens during a scan?

Functionality​

The endpoints under Scans provide the following functionality:

  • Account Level

    • List scans of all account targets.
    • Start, pause, resume, or cancel scans in bulk for account targets.
  • Target Level

    • Retrieve the scan currently executing on a target.
    • Pause, resume, or cancel the scan currently executing on a target.
    • List all scans of a target.
    • Retrieve and update a scan of a target.
    • Pause, resume, or cancel a scan of a target.
    • Export the list of endpoints covered by a scan of a target.

Further functionality related to Scans is provided in the following tags:

  • Targets - Manage the scope and behavior of target scans, which extend also to other tags, namely:
    • Assets - Manage extra hosts to extend the scope of target scans to more domains.
    • Scanning Agent - Manage scanning agents to extend the scope of target scans to internal applications.
    • Reduced Scope - Manage reduced scopes to run partial scans on a subset of the target.
    • Navigation and Login Sequences - Manage recorded sequences of browser interactions to replay in target scans.
    • Scan Profiles - Manage scan profiles to configure how target scans are performed.
    • Scheduled Scans - Manage scheduled target scans.
  • Findings - Manage vulnerabilities identified in the scans.
  • Reports - Retrieve reports on findings from scans.