Enterprise Recon Cloud 2.12.0
How To Scan Websites
Licensing
For Sitewide Licenses, all scanned website Targets consume data from the Sitewide License data allowance limit.
For Non-Sitewide Licenses, website Targets require Server & DB Licenses, and consume data from the Server & DB License data allowance limit.
See Target Licenses for more information.
Requirements
Requirements | Description |
---|---|
Proxy Agent | Required Proxy Agents: use the pre-configured Linux cloud Agents to scan cloud Targets only. For the list of Targets according to type, refer to Target Types in the Add Targets section. For more information about Agents in ER Cloud, refer to the About Enterprise Recon Cloud 2.12.0 section. |
TCP Allowed Connections | |
Set Up a Website as a Target Location
- From the New Scan page, add Targets. Refer to the Add Targets section.
- In the Select Target Type dialog box, select Server.
- In Enter New Target Hostname, enter the website domain name.
- Click Test. If ER Cloud can connect to the Target, the button changes to a Commit button.
- Click Commit to add the Target.
- In the Select Types dialog box, select Websites.
- Under the Websites section, select Website (http://) or SSL Website (https://).
- Fill in the fields as follows:

Field | Description |
---|---|
(Optional) Path | Refer to the Path Options table below to understand the parameters available to configure a website scan. If the Path field is left blank, only resources available at the Target website root directory will be scanned. |
(Optional) Credential Label | Enter a descriptive label for the credential set. Only "Basic" HTTP authentication scheme credentials are supported. |
(Optional) Username | Enter your user name. |
(Optional) Password | Enter your password. |
Agent to act as proxy host | The host name of the machine on which the Proxy Agent resides. This Proxy Agent will be used to scan the website. |

Recommended Least Privilege User Approach: To reduce the risk of data loss or privileged account abuse, the Target credentials provided for the intended Target should only be granted read-only access to the exact resources and data that require scanning. Never grant full user access privileges or unrestricted data access to any application if it is not required.
- Click +Add customised.
Path Options
The following options can be defined in the Path field to set up a website Target scan:
Options | Description |
---|---|
<folder> | Scan a specific directory on the website domain. If <folder> is not defined in the Path field, only resources available at the Target website root directory will be scanned. |
(port=<port>) | Define a custom port for the Proxy Agent to establish a connection with the server hosting the Target website. If the Target website is hosted on a port other than the standard HTTP (80) or HTTPS (443) ports, the port option must be specified. |
(depth=<depth>) | Specify the depth of the website scan: |
(proxy=<proxy>) | Specify the address of the HTTP proxy server. If the Proxy Agent has to connect to the Target website via an HTTP proxy server, the proxy option must be specified. |
The examples below describe the different scan scenarios based on the value in the Path field for a Target website hosted at http://www.example.com.
- folder1(depth=2)(port=8080)
  The Proxy Agent will receive instructions to scan the resources available in the following directories on port 8080:
  - www.example.com:8080/folder1/*
  - www.example.com:8080/folder1/folder2a/*
  - www.example.com:8080/folder1/folder2a/folder3a/*
  - www.example.com:8080/folder1/folder2b/*
  - www.example.com:8080/folder1/folder2b/folder3b/*
- (proxy=proxy.example.com)
  No folder or depth is defined. The Proxy Agent will receive instructions to scan only the resources available in the root directory, connecting through the proxy server proxy.example.com:
  - www.example.com/*
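As an added example that is not part of the ER Cloud documentation or product, the following hypothetical Python parser models the Path field syntax described above and checks whether a given URL falls inside the resulting scan scope. It assumes that an unspecified depth means only the start folder itself is scanned, and that depth counts directory levels below the start folder, as the folder1(depth=2) example suggests.

```python
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

# Hypothetical parser for the Path field syntax "<folder>(port=N)(depth=N)(proxy=host)".
_OPTION_RE = re.compile(r"\((port|depth|proxy)=([^)]*)\)")
_DEFAULT_PORT = {"http": 80, "https": 443}

@dataclass
class WebsiteScanScope:
    scheme: str
    host: str
    port: int
    folder: str           # no leading/trailing slash; "" means the site root
    depth: int            # directory levels below `folder` in scope (assumed: 0 if unset)
    proxy: Optional[str]  # HTTP proxy the Proxy Agent connects through, if any

    def base_url(self) -> str:
        default = self.port == _DEFAULT_PORT[self.scheme]
        netloc = self.host if default else f"{self.host}:{self.port}"
        return f"{self.scheme}://{netloc}/" + (f"{self.folder}/" if self.folder else "")

    def in_scope(self, url: str) -> bool:
        """True if url sits inside `folder` and at most `depth` directory levels below it."""
        p = urlsplit(url)
        if p.scheme != self.scheme or p.hostname != self.host:
            return False
        if (p.port or _DEFAULT_PORT[self.scheme]) != self.port:
            return False
        segments = [s for s in p.path.split("/") if s]
        base = [s for s in self.folder.split("/") if s]
        if segments[:len(base)] != base:
            return False
        levels_below = max(len(segments) - len(base) - 1, 0)  # the last segment is the resource
        return levels_below <= self.depth

def parse_path_field(scheme: str, host: str, path_field: str) -> WebsiteScanScope:
    """Split the Path field into its folder and (port=)(depth=)(proxy=) options, validating each."""
    options = dict(_OPTION_RE.findall(path_field))
    folder = _OPTION_RE.sub("", path_field).strip().strip("/")
    if "(" in folder or ")" in folder:  # an unknown or malformed option survived the strip
        raise ValueError(f"unrecognised option in Path field: {path_field!r}")
    port = int(options.get("port", _DEFAULT_PORT[scheme]))
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    depth = int(options.get("depth", 0))
    if depth < 0:
        raise ValueError("depth must be 0 or greater")
    return WebsiteScanScope(scheme, host.lower(), port, folder, depth, options.get("proxy") or None)
```

Feeding the two Path values from the examples above into parse_path_field reproduces their scopes: the first yields http://www.example.com:8080/folder1/ with resources up to two directory levels below folder1 in scope, the second yields the site root only, via proxy.example.com.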
Sub-domains
Sub-domains are considered individual Targets, therefore each sub-domain must be licensed and scanned separately from apex domains. For example, each of the following is a separate Target:
- www.example.com
- example.com
- subdomain.example.com