Prevent Audit of Forms

Zaki's Avatar

Zaki

27 Oct, 2016 10:14 PM

Hello,

I have been using Arachni for quite some time now. But I want to know if some parameter can help me prevent auditing a UI Form.

Thanks,
Zaki

  1. Support Staff 1 Posted by Tasos Laskos on 28 Oct, 2016 09:06 AM

    Tasos Laskos's Avatar

    Not currently, how would you like this to be implemented?
    What I'm thinking of doing is matching the button or submit input's name or id against --audit-exclude-vector patterns.

  2. 2 Posted by Zaki on 28 Oct, 2016 09:26 AM

    Zaki's Avatar

    The concern is when we run arachni on forms where we dont have a captcha, ex: https://www.bulletproof.co.uk/#getQuote . This generates a lot of emails when we are doing a pentest as it hits submit.
    Can we have something were if no captcha is available dont audit those forms OR
    Or even simple would be exclude auditing all the forms with a Submit button?

    Thanks,
    Zaki

  3. Support Staff 3 Posted by Tasos Laskos on 28 Oct, 2016 09:31 AM

    Tasos Laskos's Avatar

    Are you sure you mean UI forms and not regular ones?
    Also, have you looked at the scope options?

  4. Tasos Laskos closed this discussion on 28 Nov, 2016 03:27 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac