Home
/
Features
/
Detect Vulnerabilities
/
Advanced manual scanning tools

Features

Navigation
Features
Discover & Crawl
Continuous web asset discovery
Advanced website crawling
Flexible deployment options
Assess Risk
Predict application risk
Detect Vulnerabilities
Industry-leading scan accuracy
Detect more with IAST scanning
Software composition analysis
Technology version tracking
Advanced manual scanning tools
Out-of-band detection
Resolve Vulnerabilities
Proof-based scanning
Detailed scan results
Vulnerability trend matrix
Dashboards, reporting, and compliance
Integrate Security into Development
Integrate security into development
Automate remediation workflows
Developer guidance
Continuously Secure
Vulnerability trend report
Automated WAF rules
Simplify compliance
Unlimited role-based access
Get a Demo
Advanced manual scanning tools

ADVANCED MANUAL SCANNING

Get the tools you need for manual vulnerability testing

While Invicti automates scanning for nearly every web asset, you may have some assets that no tool can scan automatically. That’s why Invicti comes with a set of advanced tools for manual vulnerability testing and troubleshooting:

  • Find vulnerabilities where you can’t use full automation. Scan isolated environments and other places where fully automated scanning isn’t possible.
  • Dive deeper into root causes. Get the tools that make troubleshooting easier — from an HTTP request builder to encoding and decoding tools.
  • See all your scan results in one place. Keep a central view of all your vulnerabilities, no matter how they were discovered — automatically or manually.

Investigate vulnerabilities in detail

Get the tools that make it easier for your security team to manually investigate issues detected by Invicti. Or run your own vulnerability assessments on local systems with custom checks and attack payloads.

Advanced manual testing tools include:

  • HTTP request builder
  • Encoding and decoding tools
  • ViewState viewer for .NET applications

Scan in hard-to-reach places

For the web assets that no system can scan automatically, Invicti gives you the features you need to make manual testing easier:

  • Control your scanning. Exclude specific assets from test attacks. Choose which vulnerabilities get retested and which don’t.
  • Test environments that require heavy user interaction. Test interactive login flows and manual authentication using smart cards.
  • Ensure the scanner knows every step. Guide the crawler manually by running the local Invicti scanner in proxy mode.

Speed up your manual tests in proxy mode

Replay HTTP requests recorded with tools such as Fiddler and Postman to create scanning sequences, or login flows with automatic logout detection — so you don’t have to recreate them.

Guide your scanning with Selenium scripts, so you can reuse your existing UI testing resources. You can also use Selenium scripts to integrate application security testing into your existing test suites.

A command-line interface is available if you want to control scanner operations from PowerShell scripts.

View all your scan results in one place

You need one central place to manage all your vulnerabilities. Invicti makes it easy to view all your vulnerabilities in one place by automatically uploading manual test results to the central Invicti server.

When you’re testing air-gapped or otherwise isolated environments, you can simply export results, then seamlessly add them to your central vulnerability management view.

Next Page
Whitelisting requirements for US and EU