- Enterprise Recon 2.0.28
This section covers the following topics:
Set up a Website as a Target location
- From the New Search page, Add Targets.
- In the Select Target Type dialog box, select Server.
- In Enter New Target Hostname, enter the website domain name.To scan a website hosted at the URL http://example.com, enter example.com in the Enter New Target Hostname field.
- Click Test. If the host name is resolved, the Test button changes to a Commit button.
- Click Commit.
- On the left of the Select Types window, select Websites.
- Under Websites section, select Website (http://) or SSL Website (https://).
Fill in the following fields:
Field Description (Optional) Path
See Path Options table to understand the parameters available to configure a website scan.
If Path field is left blank, only resources available at the Target website root directory will be scanned.
(Optional) Credential Label
Enter a descriptive label for the credential set.Only "Basic" HTTP authentication scheme credentials are supported.
(Optional) Username Enter your user name. (Optional) Password Enter your password. Agent to act as a proxy host
The host name of the machine on which the Proxy Agent resides on. This selected Proxy Agent will be used to scan the website.
Click +Add customized.
The following options can be defined in the Path field to setup a website Target scan:
Scan a specific directory on the website domain.
If folder is not defined in the Path field, only resources available at the Target website root directory will be scanned.
Define a custom port for the Proxy Agent to establish a connection with the server hosting the Target website.
If the Target website is hosted on a port other than the standard HTTP (80) or HTTPS (443) ports, the port option must be specified.
Specify the depth of the website scan:
Specify the address of the HTTP proxy server.
If the Proxy Agent has to connect to the Target website via a HTTP proxy server, the <proxy> option must be specified.
The examples below describe the different scan scenarios based on the value in the Path field for a Target website hosted at http://www.example.com.
Proxy Agent will receive instructions to scan the resources available in the following directories on port 8080:
No folder or depth is defined. Proxy Agent will receive instructions to scan only the resources available in the root directory through the proxy server proxy.example.com:
Sub-domains are considered individual Targets, therefore each sub-domain must be licensed and scanned separately from apex domains.