Is there an easy way to exclude paths from being scanned?

You can exclude paths from being scanned by configuring the path as an Excluded Path for the Target. This can be done from the Target’s settings > Crawl tab > Excluded Paths. The Excluded paths will need to be configured as a regular expression.

Since regular expressions may be be quite tedious, an easier way would be to crawl the Target, and exclude paths from the Site Structure identified by the Crawl. Proceed as follows:

  1. From the Acunetix UI > Targets, select the Target to Crawl.
  2. Click the Scan button
  3. In the Scan Options, change the the Scan Type to Crawl Only.
    excluded paths
  4. Click Create Scan.
  5. Wait for the Crawl to finish.
  6. From the Scan details, change to the Site Structure tab.
  7. Browse the Site Structure tree. Click on the Exclude link which appears when you hover the mouse over the paths. This will automatically create the regular expression for the specific path to be excluded, and store it in the Target’s settings.
    exclude paths


*** This is a Security Bloggers Network syndicated blog from Web Security Blog – Acunetix authored by Nicholas Sciberras. Read the original post at: http://feedproxy.google.com/~r/acunetixwebapplicationsecurityblog/~3/g3uS3Zpvcck/