Problem with detecting vulnerabilities with arachni on DVWA
Hello,
I have been trying to find vulnerabilities such as XSS and PathTraversal but Atachni does not find any of them.
PS: i'm using arachni with Line command.
I have read that we have to create a profile or something like that (but i don't think that it is possible with Line command
Please can you help me trying to find a way to detect these vulnerabilities.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Tasos Laskos on 12 Jan, 2017 10:52 AM
These types of applications require a lot of configuration, you'll need to specify a login procedure, exclude resources that can log you out as well as exclude resources that control the level of security.
Educational applications really shouldn't be used as benchmarks unless you're familiar enough with both the application and the scanner in order to configure both properly.
I don't have the time to search for the appropriate configuration but if you look through older discussions you'll find a way to do that.
Cheers
Tasos Laskos closed this discussion on 12 Jan, 2017 10:52 AM.