Invicti Cheat Sheet
Überblick
Invicti (früher Netsparker) ist ein Enterprise-grade Web Application Security Scanner, der Dynamic Application Security Testing (DAST) und Interactive Application Security Testing (IAST) für eine umfassende Laufzeit-Sicherheitsanalyse kombiniert. Es bietet eine automatisierte Schwachstellenerkennung mit minimalen falschen Positiven und integriert nahtlos in Entwicklungspipelines für kontinuierliche Sicherheitstests.
ZEIT Anmerkung: Unternehmensprodukte. Kontakt Invicti für Preise und Lizenzierung. Kostenlose Testversion verfügbar.
Installation und Inbetriebnahme
Invicti Enterprise Installation
```bash
System requirements:
- Windows Server 2016/2019/2022 or Windows 10/11
- .NET Framework 4.8 or later
- SQL Server 2016 or later (for Enterprise)
- 8GB RAM minimum, 16GB recommended
- 100GB disk space minimum
Download and installation:
1. Download installer from Invicti portal
2. Run installer as administrator
3. Follow installation wizard
4. Configure database connection
5. Set up license key
6. Configure initial settings
Command-line installation (silent)
InvictiEnterprise.exe /S /D="C:\Program Files\Invicti\Enterprise"
Verify installation
"C:\Program Files\Invicti\Enterprise\Invicti.exe" --version ```_
Invicti Standard Installation
```bash
Download Invicti Standard
1. Visit invicti.com/download
2. Download installer
3. Run installer
4. Enter license key
5. Complete setup wizard
Verify installation
"C:\Program Files\Invicti\Standard\Invicti.exe" --version
Command-line interface setup
Add Invicti to PATH environment variable
setx PATH "%PATH%;C:\Program Files\Invicti\Standard" ```_
Erstkonfiguration
```bash
License activation
Invicti.exe --activate-license --key "YOUR_LICENSE_KEY"
Configure proxy settings (if needed)
Invicti.exe --configure-proxy --host proxy.company.com --port 8080 --username user --password pass
Set up scan profiles
Invicti.exe --create-profile --name "Standard Web App" --template standard Invicti.exe --create-profile --name "API Security" --template api Invicti.exe --create-profile --name "High Security" --template comprehensive
Configure notification settings
Invicti.exe --configure-notifications --email admin@company.com --smtp smtp.company.com ```_
Web Application Scanning
Basic Scaning Operationen
```bash
Quick website scan
Invicti.exe --scan --url "https://example.com" --profile "Standard Web App"
Comprehensive scan with custom settings
Invicti.exe --scan --url "https://example.com" \ --profile "High Security" \ --max-scan-time 4h \ --max-pages 10000 \ --crawl-depth 10
API endpoint scanning
Invicti.exe --scan --url "https://api.example.com" \ --profile "API Security" \ --openapi-spec "api-spec.yaml" \ --auth-type bearer \ --auth-token "your_api_token"
Authenticated web application scan
Invicti.exe --scan --url "https://app.example.com" \ --auth-type form \ --login-url "https://app.example.com/login" \ --username "testuser" \ --password "testpass" \ --login-success-indicator "Dashboard" ```_
Erweiterte Scannen Konfiguration
```bash
Custom scan with exclusions and inclusions
Invicti.exe --scan --url "https://example.com" \ --include-paths "/app/,/api/" \ --exclude-paths "/admin/,/internal/" \ --exclude-extensions "pdf,jpg,png,gif" \ --custom-headers "X-API-Key: your_key"
Single Page Application (SPA) scanning
Invicti.exe --scan --url "https://spa.example.com" \ --spa-mode enabled \ --javascript-engine chrome \ --wait-for-javascript 5000 \ --capture-screenshots
Mobile web application scanning
Invicti.exe --scan --url "https://m.example.com" \ --user-agent mobile \ --viewport-size "375x667" \ --touch-events enabled
Multi-step authentication scanning
Invicti.exe --scan --url "https://app.example.com" \ --auth-sequence "login_sequence.xml" \ --session-management advanced \ --maintain-session ```_
Profile und Vorlagen scannen
```xml
Authentication Konfiguration
```xml
IAST (Interactive Application Security Testing)
IAST Agent Installation
```bash
.NET IAST Agent installation
Download Invicti.Agent.AspNet.msi from portal
msiexec /i Invicti.Agent.AspNet.msi /quiet
Configure IAST agent
Add to web.config or appsettings.json
```_
```xml
json
// appsettings.json for .NET Core
{
"Invicti": {
"Agent": {
"ServerUrl": "https://invicti.company.com",
"Token": "your_agent_token",
"ApplicationName": "MyWebApp",
"Environment": "Production",
"EnableRuntimeProtection": true,
"SensitiveDataRedaction": true
}
}
}_
Java IAST Agent
```bash
Download Java agent JAR
wget https://download.invicti.com/agents/java/invicti-agent.jar
Add to JVM startup parameters
java -javaagent:invicti-agent.jar \ -Dinvicti.agent.server.url=https://invicti.company.com \ -Dinvicti.agent.token=your_agent_token \ -Dinvicti.agent.application.name=MyJavaApp \ -jar myapplication.jar
Tomcat configuration (catalina.sh)
export CATALINA_OPTS="$CATALINA_OPTS -javaagent:/path/to/invicti-agent.jar" export CATALINA_OPTS="$CATALINA_OPTS -Dinvicti.agent.server.url=https://invicti.company.com" export CATALINA_OPTS="$CATALINA_OPTS -Dinvicti.agent.token=your_agent_token" ```_
Node.js IAST Agent
```bash
Install Node.js agent
npm install @invicti/agent
Configure in application
```_
```javascript // app.js const invictiAgent = require('@invicti/agent');
// Initialize agent before other modules invictiAgent.init({ serverUrl: 'https://invicti.company.com', token: 'your_agent_token', applicationName: 'MyNodeApp', environment: 'production', enableRuntimeProtection: true, sensitiveDataRedaction: true });
// Your application code const express = require('express'); const app = express();
// Routes and middleware app.get('/', (req, res) => { res.send('Hello World!'); });
app.listen(3000, () => { console.log('Server running on port 3000'); }); ```_
IAST Konfiguration und Management
```bash
Verify IAST agent connectivity
Invicti.exe --verify-iast-agent --application "MyWebApp"
Configure IAST policies
Invicti.exe --configure-iast --application "MyWebApp" \ --enable-runtime-protection \ --enable-data-flow-analysis \ --sensitive-data-redaction
View IAST agent status
Invicti.exe --iast-status --application "MyWebApp"
Download IAST findings
Invicti.exe --export-iast-findings --application "MyWebApp" \ --format json \ --output iast_findings.json ```_
API Security Testing
OpenAPI/Swagger Integration
```bash
Scan API using OpenAPI specification
Invicti.exe --scan-api --openapi-spec "api-spec.yaml" \ --base-url "https://api.example.com" \ --auth-type bearer \ --auth-token "your_api_token"
Generate API specification from live endpoint
Invicti.exe --discover-api --url "https://api.example.com" \ --output-spec "discovered-api.yaml" \ --auth-header "Authorization: Bearer your_token"
Custom API security profile
Invicti.exe --scan-api --openapi-spec "api-spec.yaml" \ --profile "API Security" \ --test-business-logic \ --test-rate-limiting \ --test-authentication-bypass ```_
GraphQL Sicherheitstest
```bash
GraphQL endpoint scanning
Invicti.exe --scan-graphql --url "https://api.example.com/graphql" \ --introspection-enabled \ --auth-header "Authorization: Bearer your_token"
GraphQL schema analysis
Invicti.exe --analyze-graphql-schema --url "https://api.example.com/graphql" \ --output-schema "graphql-schema.json" \ --test-depth-limiting \ --test-query-complexity ```_
REST API Testing
```bash
Comprehensive REST API scan
Invicti.exe --scan-rest-api --base-url "https://api.example.com" \ --endpoints-file "api-endpoints.txt" \ --test-injection-attacks \ --test-broken-authentication \ --test-excessive-data-exposure
API rate limiting and DoS testing
Invicti.exe --test-api-limits --url "https://api.example.com" \ --rate-limit-test \ --concurrent-requests 100 \ --test-duration 60s ```_
Enterprise Features und Management
Multi-User Management
```bash
User management
Invicti.exe --add-user --username "john.doe" \ --email "john.doe@company.com" \ --role "Security Analyst" \ --permissions "scan,view_reports"
Role-based access control
Invicti.exe --create-role --name "Developer" \ --permissions "view_own_scans,create_scans" \ --restrictions "no_admin_access"
Team and project management
Invicti.exe --create-team --name "Web Security Team" \ --members "john.doe,jane.smith" \ --projects "WebApp1,WebApp2" ```_
Zentrales Scanning Management
```bash
Scan scheduling
Invicti.exe --schedule-scan --url "https://example.com" \ --schedule "daily" \ --time "02:00" \ --timezone "UTC" \ --profile "Standard Web App"
Distributed scanning setup
Invicti.exe --configure-scan-agent --name "Agent1" \ --location "DataCenter1" \ --max-concurrent-scans 5
Scan queue management
Invicti.exe --view-scan-queue Invicti.exe --prioritize-scan --scan-id "12345" --priority high Invicti.exe --cancel-scan --scan-id "12345" ```_
Compliance und Reporting
```bash
Compliance reporting
Invicti.exe --generate-compliance-report \ --framework "PCI-DSS" \ --projects "all" \ --period "quarterly" \ --output "pci_compliance_report.pdf"
Executive dashboard export
Invicti.exe --export-dashboard --type "executive" \ --format "pdf" \ --include-trends \ --output "executive_dashboard.pdf"
Vulnerability trend analysis
Invicti.exe --analyze-trends --projects "all" \ --period "last_6_months" \ --metrics "vulnerability_count,severity_distribution" \ --output "trend_analysis.json" ```_
CI/CD Integration
Jenkins Integration
```groovy // Jenkinsfile pipeline { agent any
environment {
INVICTI_API_TOKEN = credentials('invicti-api-token')
}
stages {
stage('Build') {
steps {
// Build application
sh 'npm install && npm run build'
}
}
stage('Deploy to Staging') {
steps {
// Deploy to staging environment
sh 'docker-compose up -d'
// Wait for application to be ready
sh 'sleep 30'
}
}
stage('Security Scan') {
steps {
script {
// Start Invicti scan
def scanResult = sh(
script: """
Invicti.exe --scan --url "http://staging.example.com" \
--profile "CI/CD Security" \
--api-token "${INVICTI_API_TOKEN}" \
--wait-for-completion \
--max-scan-time 30m \
--output-format json
""",
returnStdout: true
)
def scanData = readJSON text: scanResult
// Check for critical vulnerabilities
if (scanData.vulnerabilities.critical > 0) {
error("Critical vulnerabilities found: ${scanData.vulnerabilities.critical}")
}
// Generate report
sh """
Invicti.exe --export-report --scan-id "${scanData.scanId}" \
--format "html" \
--output "security_report.html"
"""
}
}
}
stage('Deploy to Production') {
when {
branch 'main'
}
steps {
echo 'Deploying to production...'
// Production deployment steps
}
}
}
post {
always {
archiveArtifacts artifacts: 'security_report.html', fingerprint: true
publishHTML([
allowMissing: false,
alwaysLinkToLastBuild: true,
keepAll: true,
reportDir: '.',
reportFiles: 'security_report.html',
reportName: 'Invicti Security Report'
])
}
failure {
emailext (
subject: "Security Scan Failed: ${env.JOB_NAME} - ${env.BUILD_NUMBER}",
body: "Security vulnerabilities found in build ${env.BUILD_NUMBER}. Check the report for details.",
to: "security-team@company.com"
)
}
}
} ```_
Azure DevOps Integration
```yaml
azure-pipelines.yml
trigger: - main - develop
pool: vmImage: 'windows-latest'
variables: invictiApiToken: $(INVICTI_API_TOKEN)
stages: - stage: Build jobs: - job: BuildApp steps: - task: NodeTool@0 inputs: versionSpec: '16.x'
- script: |
npm install
npm run build
displayName: 'Build Application'
- stage: SecurityScan dependsOn: Build jobs:
-
job: InvictiScan steps:
-
task: PowerShell@2 displayName: 'Run Invicti Security Scan' inputs: targetType: 'inline' script: | $scanResult = & "C:\Program Files\Invicti\Enterprise\Invicti.exe"
--scan--url "https://$(Build.BuildId).staging.example.com"--profile "Azure DevOps"--api-token "$(invictiApiToken)"--wait-for-completion--max-scan-time "30m" ` --output-format "json"$scanData = $scanResult | ConvertFrom-Json
if ($scanData.vulnerabilities.critical -gt 0) { Write-Error "Critical vulnerabilities found: $($scanData.vulnerabilities.critical)" exit 1 }
# Export report & "C:\Program Files\Invicti\Enterprise\Invicti.exe"
--export-report--scan-id "$($scanData.scanId)"--format "html"--output "$(Agent.TempDirectory)\security_report.html" -
task: PublishHtmlReport@1 displayName: 'Publish Security Report' inputs: reportDir: '$(Agent.TempDirectory)' tabName: 'Invicti Security Report'
-
-
stage: Deploy dependsOn: SecurityScan condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main')) jobs:
- deployment: DeployToProduction environment: 'production' strategy: runOnce: deploy: steps: - script: echo "Deploying to production..." displayName: 'Deploy Application' ```_
GitHub Aktionen Integration
```yaml
.github/workflows/security-scan.yml
name: Security Scan with Invicti
on: push: branches: [main, develop] pull_request: branches: [main]
jobs: security-scan: runs-on: windows-latest
steps:
- uses: actions/checkout@v3
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '16'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Build application
run: npm run build
- name: Deploy to staging
run: |
# Deploy application to staging environment
echo "Deploying to staging..."
- name: Run Invicti Security Scan
env:
INVICTI_API_TOKEN: ${{ secrets.INVICTI_API_TOKEN }}
run: |
$scanResult = & "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--scan `
--url "https://staging.example.com" `
--profile "GitHub Actions" `
--api-token "$env:INVICTI_API_TOKEN" `
--wait-for-completion `
--max-scan-time "30m" `
--output-format "json"
$scanData = $scanResult | ConvertFrom-Json
# Export detailed report
& "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--export-report `
--scan-id "$($scanData.scanId)" `
--format "json" `
--output "security_results.json"
# Check for critical vulnerabilities
if ($scanData.vulnerabilities.critical -gt 0) {
Write-Error "Critical vulnerabilities found: $($scanData.vulnerabilities.critical)"
exit 1
}
- name: Upload Security Results
uses: actions/upload-artifact@v3
if: always()
with:
name: security-scan-results
path: security_results.json
- name: Comment PR with Results
if: github.event_name == 'pull_request'
uses: actions/github-script@v6
with:
script: |
const fs = require('fs');
const results = JSON.parse(fs.readFileSync('security_results.json', 'utf8'));
const comment = `## 🔒 Security Scan Results
**Vulnerabilities Found:**
- Critical: ${results.vulnerabilities.critical}
- High: ${results.vulnerabilities.high}
- Medium: ${results.vulnerabilities.medium}
- Low: ${results.vulnerabilities.low}
**Scan Details:**
- Scan ID: ${results.scanId}
- Duration: ${results.scanDuration}
- Pages Scanned: ${results.pagesScanned}
${results.vulnerabilities.critical > 0 ? '❌ **Critical vulnerabilities found! Please review and fix before merging.**' : '✅ **No critical vulnerabilities found.**'}
`;
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
});
```_
API und Automatisierung
REST API Verwendung
```bash
Authentication
export INVICTI_API_TOKEN="your_api_token_here" export INVICTI_BASE_URL="https://invicti.company.com/api/1.0"
Get scan list
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \ "$INVICTI_BASE_URL/scans"
Start a new scan
curl -X POST \ -H "Authorization: Bearer $INVICTI_API_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "TargetUrl": "https://example.com", "ProfileId": "standard-web-app", "ScanType": "FullWithPrimaryProfile" }' \ "$INVICTI_BASE_URL/scans"
Get scan status
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \ "$INVICTI_BASE_URL/scans/12345"
Download scan report
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \ "$INVICTI_BASE_URL/scans/12345/report?format=pdf" \ -o "scan_report.pdf" ```_
PowerShell Automation
```powershell
Invicti PowerShell automation script
param( [Parameter(Mandatory=$true)] [string]$TargetUrl,
[Parameter(Mandatory=$true)]
[string]$ApiToken,
[string]$ProfileName = "Standard Web App",
[int]$MaxScanTime = 120,
[string]$OutputPath = "."
)
Set up API headers
$headers = @{ "Authorization" = "Bearer $ApiToken" "Content-Type" = "application/json" }
$baseUrl = "https://invicti.company.com/api/1.0"
Function to start scan
function Start-InvictiScan { param($url, $profile)
$scanRequest = @{
TargetUrl = $url
ProfileId = $profile
ScanType = "FullWithPrimaryProfile"
MaxScanTime = $MaxScanTime
} | ConvertTo-Json
$response = Invoke-RestMethod -Uri "$baseUrl/scans" -Method POST -Headers $headers -Body $scanRequest
return $response.Id
}
Function to wait for scan completion
function Wait-ForScanCompletion { param($scanId)
do {
Start-Sleep -Seconds 30
$scanStatus = Invoke-RestMethod -Uri "$baseUrl/scans/$scanId" -Headers $headers
Write-Host "Scan status: $($scanStatus.State) - Progress: $($scanStatus.Progress)%"
} while ($scanStatus.State -eq "Running")
return $scanStatus
}
Function to download report
function Get-ScanReport { param($scanId, $format = "pdf")
$reportUrl = "$baseUrl/scans/$scanId/report?format=$format"
$outputFile = Join-Path $OutputPath "invicti_report_$scanId.$format"
Invoke-WebRequest -Uri $reportUrl -Headers $headers -OutFile $outputFile
return $outputFile
}
Main execution
try { Write-Host "Starting Invicti scan for: $TargetUrl"
# Start scan
$scanId = Start-InvictiScan -url $TargetUrl -profile $ProfileName
Write-Host "Scan started with ID: $scanId"
# Wait for completion
$finalStatus = Wait-ForScanCompletion -scanId $scanId
Write-Host "Scan completed with status: $($finalStatus.State)"
# Download reports
$pdfReport = Get-ScanReport -scanId $scanId -format "pdf"
$jsonReport = Get-ScanReport -scanId $scanId -format "json"
Write-Host "Reports downloaded:"
Write-Host " PDF: $pdfReport"
Write-Host " JSON: $jsonReport"
# Parse results
$results = Get-Content $jsonReport | ConvertFrom-Json
$criticalCount = ($results.Vulnerabilities | Where-Object { $_.Severity -eq "Critical" }).Count
$highCount = ($results.Vulnerabilities | Where-Object { $_.Severity -eq "High" }).Count
Write-Host "Vulnerability Summary:"
Write-Host " Critical: $criticalCount"
Write-Host " High: $highCount"
Write-Host " Total: $($results.Vulnerabilities.Count)"
# Exit with error if critical vulnerabilities found
if ($criticalCount -gt 0) {
Write-Error "Critical vulnerabilities found! Scan failed."
exit 1
}
Write-Host "Scan completed successfully!"
} catch { Write-Error "Scan failed: $($.Exception.Message)" exit 1 } ```
Erweiterte Konfiguration und Anpassung
Individuelle Schwachstelle Kontrollen
```xml
<TestCases>
<TestCase>
<Payload>' OR '1'='1' --</Payload>
<ExpectedResponse type="error_message">SQL syntax error</ExpectedResponse>
</TestCase>
<TestCase>
<Payload>1' UNION SELECT 1,2,3 --</Payload>
<ExpectedResponse type="content_change">significant</ExpectedResponse>
</TestCase>
</TestCases>
<FalsePositiveReduction>
<ExcludeIfContains>test environment</ExcludeIfContains>
<ExcludeIfContains>demo data</ExcludeIfContains>
</FalsePositiveReduction>
<TestCases>
<TestCase>
<Description>Price manipulation test</Description>
<Steps>
<Step type="navigate">checkout.php</Step>
<Step type="modify_parameter">price=-100</Step>
<Step type="submit_form">checkout_form</Step>
</Steps>
<ExpectedResponse type="success_indicator">Order confirmed</ExpectedResponse>
</TestCase>
</TestCases>
```_
Integration mit externen Tools
```python
invicti_integration.py
import requests import json import time from typing import Dict, List, Optional
class InvictiIntegration: def init(self, api_token: str, base_url: str = "https://invicti.company.com/api/1.0"): self.api_token = api_token self.base_url = base_url self.headers = { "Authorization": f"Bearer {api_token}", "Content-Type": "application/json" }
def start_scan(self, target_url: str, profile_id: str = "standard-web-app") -> str:
"""Start a new security scan"""
scan_data = {
"TargetUrl": target_url,
"ProfileId": profile_id,
"ScanType": "FullWithPrimaryProfile"
}
response = requests.post(
f"{self.base_url}/scans",
headers=self.headers,
json=scan_data
)
if response.status_code == 201:
return response.json()["Id"]
else:
raise Exception(f"Failed to start scan: {response.text}")
def get_scan_status(self, scan_id: str) -> Dict:
"""Get scan status and progress"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}",
headers=self.headers
)
return response.json()
def wait_for_scan_completion(self, scan_id: str, timeout: int = 7200) -> Dict:
"""Wait for scan to complete with timeout"""
start_time = time.time()
while time.time() - start_time < timeout:
status = self.get_scan_status(scan_id)
if status["State"] in ["Completed", "Failed", "Aborted"]:
return status
print(f"Scan progress: {status['Progress']}%")
time.sleep(30)
raise TimeoutError("Scan did not complete within timeout")
def get_vulnerabilities(self, scan_id: str) -> List[Dict]:
"""Get vulnerabilities from completed scan"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}/vulnerabilities",
headers=self.headers
)
return response.json()
def export_report(self, scan_id: str, format: str = "json") -> bytes:
"""Export scan report in specified format"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}/report?format={format}",
headers=self.headers
)
return response.content
def create_jira_tickets(self, vulnerabilities: List[Dict], jira_config: Dict) -> List[str]:
"""Create Jira tickets for high/critical vulnerabilities"""
jira_tickets = []
for vuln in vulnerabilities:
if vuln["Severity"] in ["Critical", "High"]:
ticket_data = {
"fields": {
"project": {"key": jira_config["project_key"]},
"summary": f"Security Vulnerability: {vuln['Name']}",
"description": f"""
Vulnerability Details:
- Type: {vuln['Type']}
- Severity: {vuln['Severity']}
- URL: {vuln['Url']}
- Description: {vuln['Description']}
- Remediation: {vuln['Remediation']}
Invicti Scan ID: {vuln['ScanId']}
""",
"issuetype": {"name": "Bug"},
"priority": {"name": "High" if vuln["Severity"] == "Critical" else "Medium"},
"labels": ["security", "invicti", vuln["Type"].lower()]
}
}
jira_response = requests.post(
f"{jira_config['base_url']}/rest/api/2/issue",
auth=(jira_config["username"], jira_config["password"]),
headers={"Content-Type": "application/json"},
json=ticket_data
)
if jira_response.status_code == 201:
ticket_key = jira_response.json()["key"]
jira_tickets.append(ticket_key)
print(f"Created Jira ticket: {ticket_key}")
return jira_tickets
def send_slack_notification(self, scan_results: Dict, webhook_url: str):
"""Send scan results to Slack"""
critical_count = len([v for v in scan_results["vulnerabilities"] if v["Severity"] == "Critical"])
high_count = len([v for v in scan_results["vulnerabilities"] if v["Severity"] == "High"])
color = "danger" if critical_count > 0 else "warning" if high_count > 0 else "good"
message = {
"attachments": [
{
"color": color,
"title": f"Invicti Security Scan Results - {scan_results['target_url']}",
"fields": [
{
"title": "Critical Vulnerabilities",
"value": str(critical_count),
"short": True
},
{
"title": "High Vulnerabilities",
"value": str(high_count),
"short": True
},
{
"title": "Scan Duration",
"value": scan_results["duration"],
"short": True
},
{
"title": "Pages Scanned",
"value": str(scan_results["pages_scanned"]),
"short": True
}
]
}
]
}
requests.post(webhook_url, json=message)
Usage example
invicti = InvictiIntegration("your_api_token")
Start scan
scan_id = invicti.start_scan("https://example.com", "comprehensive-profile") print(f"Started scan: {scan_id}")
Wait for completion
scan_status = invicti.wait_for_scan_completion(scan_id) print(f"Scan completed: {scan_status['State']}")
Get vulnerabilities
vulnerabilities = invicti.get_vulnerabilities(scan_id) print(f"Found {len(vulnerabilities)} vulnerabilities")
Create Jira tickets for critical/high vulnerabilities
jira_config = { "base_url": "https://company.atlassian.net", "username": "jira_user", "password": "jira_password", "project_key": "SEC" }
tickets = invicti.create_jira_tickets(vulnerabilities, jira_config) print(f"Created {len(tickets)} Jira tickets")
Send Slack notification
scan_results = { "target_url": "https://example.com", "vulnerabilities": vulnerabilities, "duration": "2h 15m", "pages_scanned": 1250 }
invicti.send_slack_notification(scan_results, "https://hooks.slack.com/services/...") ```_
Fehlerbehebung und Best Practices
Leistungsoptimierung
```bash
Optimize scan performance
Invicti.exe --configure-performance \ --max-concurrent-requests 15 \ --request-delay 500 \ --timeout 45000 \ --memory-limit 8GB
Database optimization (Enterprise)
Invicti.exe --optimize-database \ --rebuild-indexes \ --update-statistics \ --cleanup-old-scans 90d
Network optimization
Invicti.exe --configure-network \ --connection-pool-size 50 \ --keep-alive-timeout 30s \ --dns-cache-timeout 300s ```_
Gemeinsame Themen und Lösungen
```bash
Authentication issues
Invicti.exe --test-authentication --url "https://app.example.com" \ --auth-sequence "login_sequence.xml" \ --verbose
Scan failures and timeouts
Invicti.exe --diagnose-scan-issues --scan-id "12345" \ --export-debug-log "debug.log"
False positive management
Invicti.exe --manage-false-positives \ --vulnerability-id "vuln-123" \ --mark-false-positive \ --reason "Test environment data"
Performance issues
Invicti.exe --performance-analysis --scan-id "12345" \ --generate-performance-report ```_
Sicherheit Best Practices
```bash
Secure configuration
Invicti.exe --secure-configuration \ --enable-encryption \ --require-strong-passwords \ --enable-audit-logging \ --session-timeout 30m
Access control
Invicti.exe --configure-access-control \ --enable-rbac \ --require-mfa \ --ip-whitelist "192.168.1.0/24,10.0.0.0/8"
Data protection
Invicti.exe --configure-data-protection \ --encrypt-sensitive-data \ --anonymize-scan-data \ --data-retention-policy 365d ```_
Ressourcen
Dokumentation und Support
- Invicti Dokumentation
- [API Reference](LINK_12 -%20(_LINK_12)
- Video-Tutorials
Gemeinschaft und Ausbildung
- [Invicti Community Forum](__LINK_12 -%20(_LINK_12_)
- [Zertifizierungsprogramm](LINK_12___ -%20[Webinar%20Series](LINK_12
%20Integrationsressourcen
-%20[CI/CD%20Integration%20Guide](LINK_12__ -%20[SIEM%20Integration](LINK_12 -%20Issue%20Tracking%20Integration - [Integrationsbeispiele](__LINK_12___