tag:support.arachni-scanner.com,2012-07-01:/discussions/suggestions/2685-prevent-audit-of-formsArachni: Discussion 2016-11-28T15:27:43Ztag:support.arachni-scanner.com,2012-07-01:Comment/410983872016-10-27T22:14:26Z2016-10-27T22:14:28ZPrevent Audit of Forms<div><p>Hello,</p>
<p>I have been using Arachni for quite some time now. But I want to
know if some parameter can help me prevent auditing a UI Form.</p>
<p>Thanks,<br>
Zaki</p></div>Zakitag:support.arachni-scanner.com,2012-07-01:Comment/410983872016-10-28T09:06:15Z2016-10-28T09:06:15ZPrevent Audit of Forms<div><p>Not currently, how would you like this to be implemented?<br>
What I'm thinking of doing is matching the button or submit input's
name or id against <code>--audit-exclude-vector</code>
patterns.</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/410983872016-10-28T09:26:29Z2016-10-28T09:26:30ZPrevent Audit of Forms<div><p>The concern is when we run arachni on forms where we dont have a
captcha, ex: <a href="https://www.bulletproof.co.uk/#getQuote">https://www.bulletproof.co.uk/#getQuote</a>
. This generates a lot of emails when we are doing a pentest as it
hits submit.<br>
Can we have something were if no captcha is available dont audit
those forms OR<br>
Or even simple would be exclude auditing all the forms with a
Submit button?</p>
<p>Thanks,<br>
Zaki</p></div>Zakitag:support.arachni-scanner.com,2012-07-01:Comment/410983872016-10-28T09:31:23Z2016-10-28T09:31:32ZPrevent Audit of Forms<div><p>Are you sure you mean UI forms and not regular ones?<br>
Also, have you looked at the <a href="https://github.com/Arachni/arachni/wiki/Command-line-user-interface#scope">
scope</a> options?</p></div>Tasos Laskos