How to choose which paths to scan after crawling the site

There are situations where you need to crawl a site, and choose which paths to scan after crawling the site. This feature has been re-introduced in Acunetix version 12. You will first need to run a Crawl, after which you can choose which files not to scan from the Site Structure. Proceed as follows:

  1. From the Acunetix UI > Targets, select the Target to Crawl.
  2. Click the Scan button
  3. In the Scan Options, change the the Scan Type to Crawl Only.
    excluded paths
  4. Click Create Scan.
  5. Wait for the Crawl to finish.
  6. From the Scan details, change to the Site Structure tab.
  7. Browse the Site Structure tree. Click on the Exclude link which appears when you hover the mouse over the paths. This will automatically configure the Target to exclude the paths selected.
    exclude paths
  8. Start a new scan, this time choosing the Scan Type required. This new scan will take into consideration the Excluded Paths configured previously.

Note: The paths configured to be excluded will be stored with the Target, and will affect all future scans. You will need to remember to remove the redundant excluded paths or create multiple Targets for the same web site using different Excluded Paths.

AppSec/API Security 2022

*** This is a Security Bloggers Network syndicated blog from Web Security Blog – Acunetix authored by Nicholas Sciberras. Read the original post at: