Different scan results for Web-UI and REST API
Hello,
We recently started using arachni for scanning couple of web applications using Web UI and REST Server options. The are seeing different results from these options. Scans initiated from the Web UI return findings for various severity (like high, medium, low etc.), but the scans via REST API return only the high severity findings.
Is there a way of making the REST option return all the findings (irrespective of the severity)?
Thanks,
Sudarshan Babu
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 26 Mar, 2018 07:49 AM
Are you using the same configuration for the WebUI scan as for the REST API?
Can you please show me both configs?
2 Posted by sudarshan.babu on 26 Mar, 2018 01:51 PM
Hello Tasos Laskos,
Thanks for the reply. As far as I can tell, I am using the same configuration for both the options.
I have enclosed the json of the profile from Web UI and see below for what I am posting to the REST endpoint. This is essentially built based on what I have in the profile.
3 Posted by sudarshan.babu on 18 Apr, 2018 02:45 PM
Hello Tasos Laskos,
Did you get a chance to review what I supplied? should we stop using APIs then?
Support Staff 4 Posted by Tasos Laskos on 04 May, 2018 08:46 AM
Those 2 JSON files obviously have many differences, the enabled checks first and foremost, which is basically the most important configuration in Arachni.