tag:support.arachni-scanner.com,2012-07-01:/discussions/questions/14915-help-understanding-arachniArachni: Discussion 2018-05-04T08:42:24Ztag:support.arachni-scanner.com,2012-07-01:Comment/451985252018-04-30T18:42:26Z2018-05-04T08:41:31ZHelp Understanding Arachni<div><p>Hello,</p>
<p>I am trying to come up to speed with web app security testing and more specifically finding a good scanner tool. Currently, I am trying to successfully test my local metasploitable3 GlassFish app. I am not really understanding why I am not able to expand my site map with all available sub urls. Currently I am using:</p>
<pre>
<code>./arachni https://192.168.1.223:4848 --plugin=autologin:url=https://192.168.1.223:4848/common/index.jsf,parameters="j_username=admin&j_password=sploit&loginButton=Login&loginButton.DisabledHiddenField=true",check="Logout" --scope-exclude-pattern=logout</code>
</pre>
<p>This command indicates to me a 200 response code and it sends out almost a 1,000 requests within 45 minutes but when I go to site map it only shows 2 pages scanned so maybe I am not properly logging in. At this point it seems like I am missing something easy. Perhaps someone can provide me some advise.</p>
<p>R<br>
Joe</p></div>danmartinjtag:support.arachni-scanner.com,2012-07-01:Comment/451985252018-05-04T08:42:22Z2018-05-04T08:42:22ZHelp Understanding Arachni<div><p>Have you looked at this article?<br>
<a href="http://support.arachni-scanner.com/kb/general-use/optimizing-for-faster-scans">http://support.arachni-scanner.com/kb/general-use/optimizing-for-fa...</a></p></div>Tasos Laskos