Feuille de Cheat Invicti
Aperçu général
Invicti (anciennement Netsparker) est un scanner de sécurité d'application web de qualité entreprise qui combine Dynamic Application Security Testing (DAST) et Interactive Application Security Test (IAST) pour une analyse complète de sécurité d'exécution. Il fournit une détection automatisée de vulnérabilité avec un minimum de faux positifs et s'intègre parfaitement dans les pipelines de développement pour des tests de sécurité continus.
C'est pas vrai. Note: Produit commercial d'entreprise. Communiquez avec Invicti pour obtenir des prix et des licences. Essai gratuit disponible.
Installation et configuration
Invicti Enterprise Installation
# System requirements:
# - Windows Server 2016/2019/2022 or Windows 10/11
# - .NET Framework 4.8 or later
# - SQL Server 2016 or later (for Enterprise)
# - 8GB RAM minimum, 16GB recommended
# - 100GB disk space minimum
# Download and installation:
# 1. Download installer from Invicti portal
# 2. Run installer as administrator
# 3. Follow installation wizard
# 4. Configure database connection
# 5. Set up license key
# 6. Configure initial settings
# Command-line installation (silent)
InvictiEnterprise.exe /S /D="C:\Program Files\Invicti\Enterprise"
# Verify installation
"C:\Program Files\Invicti\Enterprise\Invicti.exe" --version
Installation standard Invicti
# Download Invicti Standard
# 1. Visit invicti.com/download
# 2. Download installer
# 3. Run installer
# 4. Enter license key
# 5. Complete setup wizard
# Verify installation
"C:\Program Files\Invicti\Standard\Invicti.exe" --version
# Command-line interface setup
# Add Invicti to PATH environment variable
setx PATH "%PATH%;C:\Program Files\Invicti\Standard"
```_
### Configuration initiale
```bash
# License activation
Invicti.exe --activate-license --key "YOUR_LICENSE_KEY"
# Configure proxy settings (if needed)
Invicti.exe --configure-proxy --host proxy.company.com --port 8080 --username user --password pass
# Set up scan profiles
Invicti.exe --create-profile --name "Standard Web App" --template standard
Invicti.exe --create-profile --name "API Security" --template api
Invicti.exe --create-profile --name "High Security" --template comprehensive
# Configure notification settings
Invicti.exe --configure-notifications --email admin@company.com --smtp smtp.company.com
```_
## Analyse des applications Web
### Opérations de numérisation de base
```bash
# Quick website scan
Invicti.exe --scan --url "https://example.com" --profile "Standard Web App"
# Comprehensive scan with custom settings
Invicti.exe --scan --url "https://example.com" \
--profile "High Security" \
--max-scan-time 4h \
--max-pages 10000 \
--crawl-depth 10
# API endpoint scanning
Invicti.exe --scan --url "https://api.example.com" \
--profile "API Security" \
--openapi-spec "api-spec.yaml" \
--auth-type bearer \
--auth-token "your_api_token"
# Authenticated web application scan
Invicti.exe --scan --url "https://app.example.com" \
--auth-type form \
--login-url "https://app.example.com/login" \
--username "testuser" \
--password "testpass" \
--login-success-indicator "Dashboard"
Configuration avancée de numérisation
# Custom scan with exclusions and inclusions
Invicti.exe --scan --url "https://example.com" \
--include-paths "/app/*,/api/*" \
--exclude-paths "/admin/*,/internal/*" \
--exclude-extensions "pdf,jpg,png,gif" \
--custom-headers "X-API-Key: your_key"
# Single Page Application (SPA) scanning
Invicti.exe --scan --url "https://spa.example.com" \
--spa-mode enabled \
--javascript-engine chrome \
--wait-for-javascript 5000 \
--capture-screenshots
# Mobile web application scanning
Invicti.exe --scan --url "https://m.example.com" \
--user-agent mobile \
--viewport-size "375x667" \
--touch-events enabled
# Multi-step authentication scanning
Invicti.exe --scan --url "https://app.example.com" \
--auth-sequence "login_sequence.xml" \
--session-management advanced \
--maintain-session
Scanner les profils et les modèles
<!-- standard_web_app_profile.xml -->
<ScanProfile>
<Name>Standard Web Application</Name>
<Description>Comprehensive scan for typical web applications</Description>
<CrawlingSettings>
<MaxCrawlDepth>8</MaxCrawlDepth>
<MaxPageCount>5000</MaxPageCount>
<MaxScanTime>2h</MaxScanTime>
<FollowRedirects>true</FollowRedirects>
<ParseRobotsTxt>true</ParseRobotsTxt>
</CrawlingSettings>
<SecurityChecks>
<SQLInjection enabled="true" intensity="high"/>
<CrossSiteScripting enabled="true" intensity="high"/>
<CrossSiteRequestForgery enabled="true"/>
<DirectoryTraversal enabled="true"/>
<RemoteFileInclusion enabled="true"/>
<LocalFileInclusion enabled="true"/>
<CommandInjection enabled="true"/>
<LDAPInjection enabled="true"/>
<XPathInjection enabled="true"/>
<XMLInjection enabled="true"/>
<HTTPHeaderInjection enabled="true"/>
<WeakAuthentication enabled="true"/>
<SessionManagement enabled="true"/>
<InformationDisclosure enabled="true"/>
<BusinessLogicFlaws enabled="true"/>
</SecurityChecks>
<PerformanceSettings>
<RequestDelay>1000</RequestDelay>
<MaxConcurrentRequests>10</MaxConcurrentRequests>
<RequestTimeout>30000</RequestTimeout>
</PerformanceSettings>
</ScanProfile>
Configuration d'authentification
<!-- form_authentication.xml -->
<AuthenticationSequence>
<Name>Form-based Authentication</Name>
<Step type="navigate">
<URL>https://app.example.com/login</URL>
</Step>
<Step type="fill_form">
<FormSelector>form[action*="login"]</FormSelector>
<Fields>
<Field name="username" value="testuser"/>
<Field name="password" value="testpass"/>
</Fields>
</Step>
<Step type="submit_form">
<FormSelector>form[action*="login"]</FormSelector>
</Step>
<Step type="verify_success">
<SuccessIndicator type="text">Welcome</SuccessIndicator>
<SuccessIndicator type="url_contains">dashboard</SuccessIndicator>
</Step>
<SessionManagement>
<CookieHandling>automatic</CookieHandling>
<SessionTimeout>30m</SessionTimeout>
<ReauthenticateOnFailure>true</ReauthenticateOnFailure>
</SessionManagement>
</AuthenticationSequence>
IAST (Essais de sécurité des applications interactives)
Installation de l'agent IAST
# .NET IAST Agent installation
# Download Invicti.Agent.AspNet.msi from portal
msiexec /i Invicti.Agent.AspNet.msi /quiet
# Configure IAST agent
# Add to web.config or appsettings.json
<!-- web.config for .NET Framework -->
<configuration>
<system.webServer>
<modules>
<add name="InvictiAgent" type="Invicti.Agent.AspNet.InvictiModule" preCondition="managedHandler"/>
</modules>
</system.webServer>
<appSettings>
<add key="Invicti.Agent.ServerUrl" value="https://invicti.company.com"/>
<add key="Invicti.Agent.Token" value="your_agent_token"/>
<add key="Invicti.Agent.ApplicationName" value="MyWebApp"/>
<add key="Invicti.Agent.Environment" value="Production"/>
</appSettings>
</configuration>
// appsettings.json for .NET Core
{
"Invicti": {
"Agent": {
"ServerUrl": "https://invicti.company.com",
"Token": "your_agent_token",
"ApplicationName": "MyWebApp",
"Environment": "Production",
"EnableRuntimeProtection": true,
"SensitiveDataRedaction": true
}
}
}
Java IAST Agent
# Download Java agent JAR
wget https://download.invicti.com/agents/java/invicti-agent.jar
# Add to JVM startup parameters
java -javaagent:invicti-agent.jar \
-Dinvicti.agent.server.url=https://invicti.company.com \
-Dinvicti.agent.token=your_agent_token \
-Dinvicti.agent.application.name=MyJavaApp \
-jar myapplication.jar
# Tomcat configuration (catalina.sh)
export CATALINA_OPTS="$CATALINA_OPTS -javaagent:/path/to/invicti-agent.jar"
export CATALINA_OPTS="$CATALINA_OPTS -Dinvicti.agent.server.url=https://invicti.company.com"
export CATALINA_OPTS="$CATALINA_OPTS -Dinvicti.agent.token=your_agent_token"
Node.js Agent IAST
# Install Node.js agent
npm install @invicti/agent
# Configure in application
// app.js
const invictiAgent = require('@invicti/agent');
// Initialize agent before other modules
invictiAgent.init({
serverUrl: 'https://invicti.company.com',
token: 'your_agent_token',
applicationName: 'MyNodeApp',
environment: 'production',
enableRuntimeProtection: true,
sensitiveDataRedaction: true
});
// Your application code
const express = require('express');
const app = express();
// Routes and middleware
app.get('/', (req, res) => {
res.send('Hello World!');
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
Configuration et gestion IAST
# Verify IAST agent connectivity
Invicti.exe --verify-iast-agent --application "MyWebApp"
# Configure IAST policies
Invicti.exe --configure-iast --application "MyWebApp" \
--enable-runtime-protection \
--enable-data-flow-analysis \
--sensitive-data-redaction
# View IAST agent status
Invicti.exe --iast-status --application "MyWebApp"
# Download IAST findings
Invicti.exe --export-iast-findings --application "MyWebApp" \
--format json \
--output iast_findings.json
Test de sécurité de l'API
Intégration OpenAPI/Swagger
# Scan API using OpenAPI specification
Invicti.exe --scan-api --openapi-spec "api-spec.yaml" \
--base-url "https://api.example.com" \
--auth-type bearer \
--auth-token "your_api_token"
# Generate API specification from live endpoint
Invicti.exe --discover-api --url "https://api.example.com" \
--output-spec "discovered-api.yaml" \
--auth-header "Authorization: Bearer your_token"
# Custom API security profile
Invicti.exe --scan-api --openapi-spec "api-spec.yaml" \
--profile "API Security" \
--test-business-logic \
--test-rate-limiting \
--test-authentication-bypass
Tests de sécurité de GraphQL
# GraphQL endpoint scanning
Invicti.exe --scan-graphql --url "https://api.example.com/graphql" \
--introspection-enabled \
--auth-header "Authorization: Bearer your_token"
# GraphQL schema analysis
Invicti.exe --analyze-graphql-schema --url "https://api.example.com/graphql" \
--output-schema "graphql-schema.json" \
--test-depth-limiting \
--test-query-complexity
Essai de l'API REST
# Comprehensive REST API scan
Invicti.exe --scan-rest-api --base-url "https://api.example.com" \
--endpoints-file "api-endpoints.txt" \
--test-injection-attacks \
--test-broken-authentication \
--test-excessive-data-exposure
# API rate limiting and DoS testing
Invicti.exe --test-api-limits --url "https://api.example.com" \
--rate-limit-test \
--concurrent-requests 100 \
--test-duration 60s
Caractéristiques et gestion de l'entreprise
Gestion multi-utilisateurs
# User management
Invicti.exe --add-user --username "john.doe" \
--email "john.doe@company.com" \
--role "Security Analyst" \
--permissions "scan,view_reports"
# Role-based access control
Invicti.exe --create-role --name "Developer" \
--permissions "view_own_scans,create_scans" \
--restrictions "no_admin_access"
# Team and project management
Invicti.exe --create-team --name "Web Security Team" \
--members "john.doe,jane.smith" \
--projects "WebApp1,WebApp2"
Gestion centralisée de la numérisation
# Scan scheduling
Invicti.exe --schedule-scan --url "https://example.com" \
--schedule "daily" \
--time "02:00" \
--timezone "UTC" \
--profile "Standard Web App"
# Distributed scanning setup
Invicti.exe --configure-scan-agent --name "Agent1" \
--location "DataCenter1" \
--max-concurrent-scans 5
# Scan queue management
Invicti.exe --view-scan-queue
Invicti.exe --prioritize-scan --scan-id "12345" --priority high
Invicti.exe --cancel-scan --scan-id "12345"
Conformité et rapports
# Compliance reporting
Invicti.exe --generate-compliance-report \
--framework "PCI-DSS" \
--projects "all" \
--period "quarterly" \
--output "pci_compliance_report.pdf"
# Executive dashboard export
Invicti.exe --export-dashboard --type "executive" \
--format "pdf" \
--include-trends \
--output "executive_dashboard.pdf"
# Vulnerability trend analysis
Invicti.exe --analyze-trends --projects "all" \
--period "last_6_months" \
--metrics "vulnerability_count,severity_distribution" \
--output "trend_analysis.json"
Intégration CI/CD
Intégration Jenkins
// Jenkinsfile
pipeline {
agent any
environment {
INVICTI_API_TOKEN = credentials('invicti-api-token')
}
stages {
stage('Build') {
steps {
// Build application
sh 'npm install && npm run build'
}
}
stage('Deploy to Staging') {
steps {
// Deploy to staging environment
sh 'docker-compose up -d'
// Wait for application to be ready
sh 'sleep 30'
}
}
stage('Security Scan') {
steps {
script {
// Start Invicti scan
def scanResult = sh(
script: """
Invicti.exe --scan --url "http://staging.example.com" \
--profile "CI/CD Security" \
--api-token "${INVICTI_API_TOKEN}" \
--wait-for-completion \
--max-scan-time 30m \
--output-format json
""",
returnStdout: true
)
def scanData = readJSON text: scanResult
// Check for critical vulnerabilities
if (scanData.vulnerabilities.critical > 0) {
error("Critical vulnerabilities found: ${scanData.vulnerabilities.critical}")
}
// Generate report
sh """
Invicti.exe --export-report --scan-id "${scanData.scanId}" \
--format "html" \
--output "security_report.html"
"""
}
}
}
stage('Deploy to Production') {
when {
branch 'main'
}
steps {
echo 'Deploying to production...'
// Production deployment steps
}
}
}
post {
always {
archiveArtifacts artifacts: 'security_report.html', fingerprint: true
publishHTML([
allowMissing: false,
alwaysLinkToLastBuild: true,
keepAll: true,
reportDir: '.',
reportFiles: 'security_report.html',
reportName: 'Invicti Security Report'
])
}
failure {
emailext (
subject: "Security Scan Failed: ${env.JOB_NAME} - ${env.BUILD_NUMBER}",
body: "Security vulnerabilities found in build ${env.BUILD_NUMBER}. Check the report for details.",
to: "security-team@company.com"
)
}
}
}
Azure DevOps Intégration
# azure-pipelines.yml
trigger:
- main
- develop
pool:
vmImage: 'windows-latest'
variables:
invictiApiToken: $(INVICTI_API_TOKEN)
stages:
- stage: Build
jobs:
- job: BuildApp
steps:
- task: NodeTool@0
inputs:
versionSpec: '16.x'
- script: |
npm install
npm run build
displayName: 'Build Application'
- stage: SecurityScan
dependsOn: Build
jobs:
- job: InvictiScan
steps:
- task: PowerShell@2
displayName: 'Run Invicti Security Scan'
inputs:
targetType: 'inline'
script: |
$scanResult = & "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--scan `
--url "https://$(Build.BuildId).staging.example.com" `
--profile "Azure DevOps" `
--api-token "$(invictiApiToken)" `
--wait-for-completion `
--max-scan-time "30m" `
--output-format "json"
$scanData = $scanResult | ConvertFrom-Json
if ($scanData.vulnerabilities.critical -gt 0) {
Write-Error "Critical vulnerabilities found: $($scanData.vulnerabilities.critical)"
exit 1
}
# Export report
& "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--export-report `
--scan-id "$($scanData.scanId)" `
--format "html" `
--output "$(Agent.TempDirectory)\security_report.html"
- task: PublishHtmlReport@1
displayName: 'Publish Security Report'
inputs:
reportDir: '$(Agent.TempDirectory)'
tabName: 'Invicti Security Report'
- stage: Deploy
dependsOn: SecurityScan
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
jobs:
- deployment: DeployToProduction
environment: 'production'
strategy:
runOnce:
deploy:
steps:
- script: echo "Deploying to production..."
displayName: 'Deploy Application'
Intégration des actions GitHub
# .github/workflows/security-scan.yml
name: Security Scan with Invicti
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
jobs:
security-scan:
runs-on: windows-latest
steps:
- uses: actions/checkout@v3
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '16'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Build application
run: npm run build
- name: Deploy to staging
run: |
# Deploy application to staging environment
echo "Deploying to staging..."
- name: Run Invicti Security Scan
env:
INVICTI_API_TOKEN: ${{ secrets.INVICTI_API_TOKEN }}
run: |
$scanResult = & "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--scan `
--url "https://staging.example.com" `
--profile "GitHub Actions" `
--api-token "$env:INVICTI_API_TOKEN" `
--wait-for-completion `
--max-scan-time "30m" `
--output-format "json"
$scanData = $scanResult | ConvertFrom-Json
# Export detailed report
& "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--export-report `
--scan-id "$($scanData.scanId)" `
--format "json" `
--output "security_results.json"
# Check for critical vulnerabilities
if ($scanData.vulnerabilities.critical -gt 0) {
Write-Error "Critical vulnerabilities found: $($scanData.vulnerabilities.critical)"
exit 1
}
- name: Upload Security Results
uses: actions/upload-artifact@v3
if: always()
with:
name: security-scan-results
path: security_results.json
- name: Comment PR with Results
if: github.event_name == 'pull_request'
uses: actions/github-script@v6
with:
script: |
const fs = require('fs');
const results = JSON.parse(fs.readFileSync('security_results.json', 'utf8'));
const comment = `## 🔒 Security Scan Results
**Vulnerabilities Found:**
- Critical: ${results.vulnerabilities.critical}
- High: ${results.vulnerabilities.high}
- Medium: ${results.vulnerabilities.medium}
- Low: ${results.vulnerabilities.low}
**Scan Details:**
- Scan ID: ${results.scanId}
- Duration: ${results.scanDuration}
- Pages Scanned: ${results.pagesScanned}
${results.vulnerabilities.critical > 0 ? '❌ **Critical vulnerabilities found! Please review and fix before merging.**' : '✅ **No critical vulnerabilities found.**'}
`;
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
});
API et automatisation
API REST Utilisation
# Authentication
export INVICTI_API_TOKEN="your_api_token_here"
export INVICTI_BASE_URL="https://invicti.company.com/api/1.0"
# Get scan list
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \
"$INVICTI_BASE_URL/scans"
# Start a new scan
curl -X POST \
-H "Authorization: Bearer $INVICTI_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"TargetUrl": "https://example.com",
"ProfileId": "standard-web-app",
"ScanType": "FullWithPrimaryProfile"
}' \
"$INVICTI_BASE_URL/scans"
# Get scan status
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \
"$INVICTI_BASE_URL/scans/12345"
# Download scan report
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \
"$INVICTI_BASE_URL/scans/12345/report?format=pdf" \
-o "scan_report.pdf"
Automatisation PowerShell
# Invicti PowerShell automation script
param(
[Parameter(Mandatory=$true)]
[string]$TargetUrl,
[Parameter(Mandatory=$true)]
[string]$ApiToken,
[string]$ProfileName = "Standard Web App",
[int]$MaxScanTime = 120,
[string]$OutputPath = "."
)
# Set up API headers
$headers = @{
"Authorization" = "Bearer $ApiToken"
"Content-Type" = "application/json"
}
$baseUrl = "https://invicti.company.com/api/1.0"
# Function to start scan
function Start-InvictiScan {
param($url, $profile)
$scanRequest = @{
TargetUrl = $url
ProfileId = $profile
ScanType = "FullWithPrimaryProfile"
MaxScanTime = $MaxScanTime
} | ConvertTo-Json
$response = Invoke-RestMethod -Uri "$baseUrl/scans" -Method POST -Headers $headers -Body $scanRequest
return $response.Id
}
# Function to wait for scan completion
function Wait-ForScanCompletion {
param($scanId)
do {
Start-Sleep -Seconds 30
$scanStatus = Invoke-RestMethod -Uri "$baseUrl/scans/$scanId" -Headers $headers
Write-Host "Scan status: $($scanStatus.State) - Progress: $($scanStatus.Progress)%"
} while ($scanStatus.State -eq "Running")
return $scanStatus
}
# Function to download report
function Get-ScanReport {
param($scanId, $format = "pdf")
$reportUrl = "$baseUrl/scans/$scanId/report?format=$format"
$outputFile = Join-Path $OutputPath "invicti_report_$scanId.$format"
Invoke-WebRequest -Uri $reportUrl -Headers $headers -OutFile $outputFile
return $outputFile
}
# Main execution
try {
Write-Host "Starting Invicti scan for: $TargetUrl"
# Start scan
$scanId = Start-InvictiScan -url $TargetUrl -profile $ProfileName
Write-Host "Scan started with ID: $scanId"
# Wait for completion
$finalStatus = Wait-ForScanCompletion -scanId $scanId
Write-Host "Scan completed with status: $($finalStatus.State)"
# Download reports
$pdfReport = Get-ScanReport -scanId $scanId -format "pdf"
$jsonReport = Get-ScanReport -scanId $scanId -format "json"
Write-Host "Reports downloaded:"
Write-Host " PDF: $pdfReport"
Write-Host " JSON: $jsonReport"
# Parse results
$results = Get-Content $jsonReport | ConvertFrom-Json
$criticalCount = ($results.Vulnerabilities | Where-Object { $_.Severity -eq "Critical" }).Count
$highCount = ($results.Vulnerabilities | Where-Object { $_.Severity -eq "High" }).Count
Write-Host "Vulnerability Summary:"
Write-Host " Critical: $criticalCount"
Write-Host " High: $highCount"
Write-Host " Total: $($results.Vulnerabilities.Count)"
# Exit with error if critical vulnerabilities found
if ($criticalCount -gt 0) {
Write-Error "Critical vulnerabilities found! Scan failed."
exit 1
}
Write-Host "Scan completed successfully!"
} catch {
Write-Error "Scan failed: $($_.Exception.Message)"
exit 1
}
Configuration et personnalisation avancées
Vulnérabilité personnalisée Contrôles
<!-- custom_checks.xml -->
<CustomChecks>
<Check id="custom_sql_injection">
<Name>Advanced SQL Injection Detection</Name>
<Description>Custom SQL injection patterns for specific application</Description>
<Category>Injection</Category>
<Severity>High</Severity>
<TestCases>
<TestCase>
<Payload>' OR '1'='1' --</Payload>
<ExpectedResponse type="error_message">SQL syntax error</ExpectedResponse>
</TestCase>
<TestCase>
<Payload>1' UNION SELECT 1,2,3 --</Payload>
<ExpectedResponse type="content_change">significant</ExpectedResponse>
</TestCase>
</TestCases>
<FalsePositiveReduction>
<ExcludeIfContains>test environment</ExcludeIfContains>
<ExcludeIfContains>demo data</ExcludeIfContains>
</FalsePositiveReduction>
</Check>
<Check id="custom_business_logic">
<Name>Business Logic Flaw Detection</Name>
<Description>Custom business logic vulnerability checks</Description>
<Category>BusinessLogic</Category>
<Severity>Medium</Severity>
<TestCases>
<TestCase>
<Description>Price manipulation test</Description>
<Steps>
<Step type="navigate">checkout.php</Step>
<Step type="modify_parameter">price=-100</Step>
<Step type="submit_form">checkout_form</Step>
</Steps>
<ExpectedResponse type="success_indicator">Order confirmed</ExpectedResponse>
</TestCase>
</TestCases>
</Check>
</CustomChecks>
Intégration avec les outils externes
# invicti_integration.py
import requests
import json
import time
from typing import Dict, List, Optional
class InvictiIntegration:
def __init__(self, api_token: str, base_url: str = "https://invicti.company.com/api/1.0"):
self.api_token = api_token
self.base_url = base_url
self.headers = {
"Authorization": f"Bearer {api_token}",
"Content-Type": "application/json"
}
def start_scan(self, target_url: str, profile_id: str = "standard-web-app") -> str:
"""Start a new security scan"""
scan_data = {
"TargetUrl": target_url,
"ProfileId": profile_id,
"ScanType": "FullWithPrimaryProfile"
}
response = requests.post(
f"{self.base_url}/scans",
headers=self.headers,
json=scan_data
)
if response.status_code == 201:
return response.json()["Id"]
else:
raise Exception(f"Failed to start scan: {response.text}")
def get_scan_status(self, scan_id: str) -> Dict:
"""Get scan status and progress"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}",
headers=self.headers
)
return response.json()
def wait_for_scan_completion(self, scan_id: str, timeout: int = 7200) -> Dict:
"""Wait for scan to complete with timeout"""
start_time = time.time()
while time.time() - start_time < timeout:
status = self.get_scan_status(scan_id)
if status["State"] in ["Completed", "Failed", "Aborted"]:
return status
print(f"Scan progress: {status['Progress']}%")
time.sleep(30)
raise TimeoutError("Scan did not complete within timeout")
def get_vulnerabilities(self, scan_id: str) -> List[Dict]:
"""Get vulnerabilities from completed scan"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}/vulnerabilities",
headers=self.headers
)
return response.json()
def export_report(self, scan_id: str, format: str = "json") -> bytes:
"""Export scan report in specified format"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}/report?format={format}",
headers=self.headers
)
return response.content
def create_jira_tickets(self, vulnerabilities: List[Dict], jira_config: Dict) -> List[str]:
"""Create Jira tickets for high/critical vulnerabilities"""
jira_tickets = []
for vuln in vulnerabilities:
if vuln["Severity"] in ["Critical", "High"]:
ticket_data = {
"fields": {
"project": {"key": jira_config["project_key"]},
"summary": f"Security Vulnerability: {vuln['Name']}",
"description": f"""
Vulnerability Details:
- Type: {vuln['Type']}
- Severity: {vuln['Severity']}
- URL: {vuln['Url']}
- Description: {vuln['Description']}
- Remediation: {vuln['Remediation']}
Invicti Scan ID: {vuln['ScanId']}
""",
"issuetype": {"name": "Bug"},
"priority": {"name": "High" if vuln["Severity"] == "Critical" else "Medium"},
"labels": ["security", "invicti", vuln["Type"].lower()]
}
}
jira_response = requests.post(
f"{jira_config['base_url']}/rest/api/2/issue",
auth=(jira_config["username"], jira_config["password"]),
headers={"Content-Type": "application/json"},
json=ticket_data
)
if jira_response.status_code == 201:
ticket_key = jira_response.json()["key"]
jira_tickets.append(ticket_key)
print(f"Created Jira ticket: {ticket_key}")
return jira_tickets
def send_slack_notification(self, scan_results: Dict, webhook_url: str):
"""Send scan results to Slack"""
critical_count = len([v for v in scan_results["vulnerabilities"] if v["Severity"] == "Critical"])
high_count = len([v for v in scan_results["vulnerabilities"] if v["Severity"] == "High"])
color = "danger" if critical_count > 0 else "warning" if high_count > 0 else "good"
message = {
"attachments": [
{
"color": color,
"title": f"Invicti Security Scan Results - {scan_results['target_url']}",
"fields": [
{
"title": "Critical Vulnerabilities",
"value": str(critical_count),
"short": True
},
{
"title": "High Vulnerabilities",
"value": str(high_count),
"short": True
},
{
"title": "Scan Duration",
"value": scan_results["duration"],
"short": True
},
{
"title": "Pages Scanned",
"value": str(scan_results["pages_scanned"]),
"short": True
}
]
}
]
}
requests.post(webhook_url, json=message)
# Usage example
invicti = InvictiIntegration("your_api_token")
# Start scan
scan_id = invicti.start_scan("https://example.com", "comprehensive-profile")
print(f"Started scan: {scan_id}")
# Wait for completion
scan_status = invicti.wait_for_scan_completion(scan_id)
print(f"Scan completed: {scan_status['State']}")
# Get vulnerabilities
vulnerabilities = invicti.get_vulnerabilities(scan_id)
print(f"Found {len(vulnerabilities)} vulnerabilities")
# Create Jira tickets for critical/high vulnerabilities
jira_config = {
"base_url": "https://company.atlassian.net",
"username": "jira_user",
"password": "jira_password",
"project_key": "SEC"
}
tickets = invicti.create_jira_tickets(vulnerabilities, jira_config)
print(f"Created {len(tickets)} Jira tickets")
# Send Slack notification
scan_results = {
"target_url": "https://example.com",
"vulnerabilities": vulnerabilities,
"duration": "2h 15m",
"pages_scanned": 1250
}
invicti.send_slack_notification(scan_results, "https://hooks.slack.com/services/...")
Dépannage et meilleures pratiques
Optimisation des performances
# Optimize scan performance
Invicti.exe --configure-performance \
--max-concurrent-requests 15 \
--request-delay 500 \
--timeout 45000 \
--memory-limit 8GB
# Database optimization (Enterprise)
Invicti.exe --optimize-database \
--rebuild-indexes \
--update-statistics \
--cleanup-old-scans 90d
# Network optimization
Invicti.exe --configure-network \
--connection-pool-size 50 \
--keep-alive-timeout 30s \
--dns-cache-timeout 300s
Questions et solutions communes
# Authentication issues
Invicti.exe --test-authentication --url "https://app.example.com" \
--auth-sequence "login_sequence.xml" \
--verbose
# Scan failures and timeouts
Invicti.exe --diagnose-scan-issues --scan-id "12345" \
--export-debug-log "debug.log"
# False positive management
Invicti.exe --manage-false-positives \
--vulnerability-id "vuln-123" \
--mark-false-positive \
--reason "Test environment data"
# Performance issues
Invicti.exe --performance-analysis --scan-id "12345" \
--generate-performance-report
Pratiques exemplaires en matière de sécurité
# Secure configuration
Invicti.exe --secure-configuration \
--enable-encryption \
--require-strong-passwords \
--enable-audit-logging \
--session-timeout 30m
# Access control
Invicti.exe --configure-access-control \
--enable-rbac \
--require-mfa \
--ip-whitelist "192.168.1.0/24,10.0.0.0/8"
# Data protection
Invicti.exe --configure-data-protection \
--encrypt-sensitive-data \
--anonymize-scan-data \
--data-retention-policy 365d
Ressources
Documentation et appui
- [Documentation d'invicti] (LINK_12)
- [Référence API] (LINK_12)
- [Base de connaissances] (LINK_12)
- [Tutoriels vidéo] (LINK_12)
Communauté et formation
- [Forum communautaire d'Invicti] (LINK_12)
- [Cours de formation] (LINK_12)
- [Programme de certification] (LINK_12)
- [Série Webinaire] (LINK_12)
Ressources pour l'intégration
- [Guide d'intégration IC/CD] (LINK_12)
- [Intégration du SIEM] (LINK_12)
- [Intégration du suivi des questions] (LINK_12)
- Exemples d'intégration douanière