Login per token

fst's Avatar


13 Nov, 2017 07:43 AM

Is it possible to make a token login with arachni?
Or can arachni get the token from the website, after login with username and password, and use the received token for further scans.

Authentication token using like auth0.com or something else.

  1. Support Staff 1 Posted by Tasos Laskos on 20 Nov, 2017 10:52 AM

    Tasos Laskos's Avatar

    You should basically be able to use the login_script plugin to drive the browser the same way a user would to log-in to the webapp.
    Is your app doing something special? Like requiring the token in a special request header or something?

  2. 2 Posted by fst on 20 Nov, 2017 12:02 PM

    fst's Avatar

    How can I use it?

    I found this page: http://support.arachni-scanner.com/kb/general-use/logging-in-and-ma...

    But dont know how to use it, respectively how the command look like.

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:


Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac