Invicti Cheat Sheet
Overview
Invicti (formerly Netsparker) is an enterprise-grade web application security scanner that combines Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) for comprehensive runtime security analysis. It provides automated vulnerability detection with minimal false positives and integrates seamlessly into development pipelines for continuous security testing.
⚠️ Note: Enterprise commercial product. Contact Invicti for pricing and licensing. Free trial available.
Installation and Setup
Invicti Enterprise Installation
# System requirements:
# - Windows Server 2016/2019/2022 or Windows 10/11
# - .NET Framework 4.8 or later
# - SQL Server 2016 or later (for Enterprise)
# - 8GB RAM minimum, 16GB recommended
# - 100GB disk space minimum
# Download and installation:
# 1. Download installer from Invicti portal
# 2. Run installer as administrator
# 3. Follow installation wizard
# 4. Configure database connection
# 5. Set up license key
# 6. Configure initial settings
# Command-line installation (silent)
InvictiEnterprise.exe /S /D="C:\Program Files\Invicti\Enterprise"
# Verify installation
"C:\Program Files\Invicti\Enterprise\Invicti.exe" --version
Invicti Standard Installation
# Download Invicti Standard
# 1. Visit invicti.com/download
# 2. Download installer
# 3. Run installer
# 4. Enter license key
# 5. Complete setup wizard
# Verify installation
"C:\Program Files\Invicti\Standard\Invicti.exe" --version
# Command-line interface setup
# Add Invicti to PATH environment variable
setx PATH "%PATH%;C:\Program Files\Invicti\Standard"
Initial Configuration
# License activation
Invicti.exe --activate-license --key "YOUR_LICENSE_KEY"
# Configure proxy settings (if needed)
Invicti.exe --configure-proxy --host proxy.company.com --port 8080 --username user --password pass
# Set up scan profiles
Invicti.exe --create-profile --name "Standard Web App" --template standard
Invicti.exe --create-profile --name "API Security" --template api
Invicti.exe --create-profile --name "High Security" --template comprehensive
# Configure notification settings
Invicti.exe --configure-notifications --email admin@company.com --smtp smtp.company.com
Web Application Scanning
Basic Scanning Operations
# Quick website scan
Invicti.exe --scan --url "https://example.com" --profile "Standard Web App"
# Comprehensive scan with custom settings
Invicti.exe --scan --url "https://example.com" \
--profile "High Security" \
--max-scan-time 4h \
--max-pages 10000 \
--crawl-depth 10
# API endpoint scanning
Invicti.exe --scan --url "https://api.example.com" \
--profile "API Security" \
--openapi-spec "api-spec.yaml" \
--auth-type bearer \
--auth-token "your_api_token"
# Authenticated web application scan
Invicti.exe --scan --url "https://app.example.com" \
--auth-type form \
--login-url "https://app.example.com/login" \
--username "testuser" \
--password "testpass" \
--login-success-indicator "Dashboard"
Advanced Scanning Configuration
# Custom scan with exclusions and inclusions
Invicti.exe --scan --url "https://example.com" \
--include-paths "/app/*,/api/*" \
--exclude-paths "/admin/*,/internal/*" \
--exclude-extensions "pdf,jpg,png,gif" \
--custom-headers "X-API-Key: your_key"
# Single Page Application (SPA) scanning
Invicti.exe --scan --url "https://spa.example.com" \
--spa-mode enabled \
--javascript-engine chrome \
--wait-for-javascript 5000 \
--capture-screenshots
# Mobile web application scanning
Invicti.exe --scan --url "https://m.example.com" \
--user-agent mobile \
--viewport-size "375x667" \
--touch-events enabled
# Multi-step authentication scanning
Invicti.exe --scan --url "https://app.example.com" \
--auth-sequence "login_sequence.xml" \
--session-management advanced \
--maintain-session
Scan Profiles and Templates
<!-- standard_web_app_profile.xml -->
<ScanProfile>
<Name>Standard Web Application</Name>
<Description>Comprehensive scan for typical web applications</Description>
<CrawlingSettings>
<MaxCrawlDepth>8</MaxCrawlDepth>
<MaxPageCount>5000</MaxPageCount>
<MaxScanTime>2h</MaxScanTime>
<FollowRedirects>true</FollowRedirects>
<ParseRobotsTxt>true</ParseRobotsTxt>
</CrawlingSettings>
<SecurityChecks>
<SQLInjection enabled="true" intensity="high"/>
<CrossSiteScripting enabled="true" intensity="high"/>
<CrossSiteRequestForgery enabled="true"/>
<DirectoryTraversal enabled="true"/>
<RemoteFileInclusion enabled="true"/>
<LocalFileInclusion enabled="true"/>
<CommandInjection enabled="true"/>
<LDAPInjection enabled="true"/>
<XPathInjection enabled="true"/>
<XMLInjection enabled="true"/>
<HTTPHeaderInjection enabled="true"/>
<WeakAuthentication enabled="true"/>
<SessionManagement enabled="true"/>
<InformationDisclosure enabled="true"/>
<BusinessLogicFlaws enabled="true"/>
</SecurityChecks>
<PerformanceSettings>
<RequestDelay>1000</RequestDelay>
<MaxConcurrentRequests>10</MaxConcurrentRequests>
<RequestTimeout>30000</RequestTimeout>
</PerformanceSettings>
</ScanProfile>
Authentication Configuration
<!-- form_authentication.xml -->
<AuthenticationSequence>
<Name>Form-based Authentication</Name>
<Step type="navigate">
<URL>https://app.example.com/login</URL>
</Step>
<Step type="fill_form">
<FormSelector>form[action*="login"]</FormSelector>
<Fields>
<Field name="username" value="testuser"/>
<Field name="password" value="testpass"/>
</Fields>
</Step>
<Step type="submit_form">
<FormSelector>form[action*="login"]</FormSelector>
</Step>
<Step type="verify_success">
<SuccessIndicator type="text">Welcome</SuccessIndicator>
<SuccessIndicator type="url_contains">dashboard</SuccessIndicator>
</Step>
<SessionManagement>
<CookieHandling>automatic</CookieHandling>
<SessionTimeout>30m</SessionTimeout>
<ReauthenticateOnFailure>true</ReauthenticateOnFailure>
</SessionManagement>
</AuthenticationSequence>
IAST (Interactive Application Security Testing)
IAST Agent Installation
# .NET IAST Agent installation
# Download Invicti.Agent.AspNet.msi from portal
msiexec /i Invicti.Agent.AspNet.msi /quiet
# Configure IAST agent
# Add to web.config or appsettings.json
<!-- web.config for .NET Framework -->
<configuration>
<system.webServer>
<modules>
<add name="InvictiAgent" type="Invicti.Agent.AspNet.InvictiModule" preCondition="managedHandler"/>
</modules>
</system.webServer>
<appSettings>
<add key="Invicti.Agent.ServerUrl" value="https://invicti.company.com"/>
<add key="Invicti.Agent.Token" value="your_agent_token"/>
<add key="Invicti.Agent.ApplicationName" value="MyWebApp"/>
<add key="Invicti.Agent.Environment" value="Production"/>
</appSettings>
</configuration>
// appsettings.json for .NET Core
{
"Invicti": {
"Agent": {
"ServerUrl": "https://invicti.company.com",
"Token": "your_agent_token",
"ApplicationName": "MyWebApp",
"Environment": "Production",
"EnableRuntimeProtection": true,
"SensitiveDataRedaction": true
}
}
}
Java IAST Agent
# Download Java agent JAR
wget https://download.invicti.com/agents/java/invicti-agent.jar
# Add to JVM startup parameters
java -javaagent:invicti-agent.jar \
-Dinvicti.agent.server.url=https://invicti.company.com \
-Dinvicti.agent.token=your_agent_token \
-Dinvicti.agent.application.name=MyJavaApp \
-jar myapplication.jar
# Tomcat configuration (catalina.sh)
export CATALINA_OPTS="$CATALINA_OPTS -javaagent:/path/to/invicti-agent.jar"
export CATALINA_OPTS="$CATALINA_OPTS -Dinvicti.agent.server.url=https://invicti.company.com"
export CATALINA_OPTS="$CATALINA_OPTS -Dinvicti.agent.token=your_agent_token"
Node.js IAST Agent
# Install Node.js agent
npm install @invicti/agent
# Configure in application
// app.js
const invictiAgent = require('@invicti/agent');
// Initialize agent before other modules
invictiAgent.init({
serverUrl: 'https://invicti.company.com',
token: 'your_agent_token',
applicationName: 'MyNodeApp',
environment: 'production',
enableRuntimeProtection: true,
sensitiveDataRedaction: true
});
// Your application code
const express = require('express');
const app = express();
// Routes and middleware
app.get('/', (req, res) => {
res.send('Hello World!');
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
IAST Configuration and Management
# Verify IAST agent connectivity
Invicti.exe --verify-iast-agent --application "MyWebApp"
# Configure IAST policies
Invicti.exe --configure-iast --application "MyWebApp" \
--enable-runtime-protection \
--enable-data-flow-analysis \
--sensitive-data-redaction
# View IAST agent status
Invicti.exe --iast-status --application "MyWebApp"
# Download IAST findings
Invicti.exe --export-iast-findings --application "MyWebApp" \
--format json \
--output iast_findings.json
API Security Testing
OpenAPI/Swagger Integration
# Scan API using OpenAPI specification
Invicti.exe --scan-api --openapi-spec "api-spec.yaml" \
--base-url "https://api.example.com" \
--auth-type bearer \
--auth-token "your_api_token"
# Generate API specification from live endpoint
Invicti.exe --discover-api --url "https://api.example.com" \
--output-spec "discovered-api.yaml" \
--auth-header "Authorization: Bearer your_token"
# Custom API security profile
Invicti.exe --scan-api --openapi-spec "api-spec.yaml" \
--profile "API Security" \
--test-business-logic \
--test-rate-limiting \
--test-authentication-bypass
GraphQL Security Testing
# GraphQL endpoint scanning
Invicti.exe --scan-graphql --url "https://api.example.com/graphql" \
--introspection-enabled \
--auth-header "Authorization: Bearer your_token"
# GraphQL schema analysis
Invicti.exe --analyze-graphql-schema --url "https://api.example.com/graphql" \
--output-schema "graphql-schema.json" \
--test-depth-limiting \
--test-query-complexity
REST API Testing
# Comprehensive REST API scan
Invicti.exe --scan-rest-api --base-url "https://api.example.com" \
--endpoints-file "api-endpoints.txt" \
--test-injection-attacks \
--test-broken-authentication \
--test-excessive-data-exposure
# API rate limiting and DoS testing
Invicti.exe --test-api-limits --url "https://api.example.com" \
--rate-limit-test \
--concurrent-requests 100 \
--test-duration 60s
Enterprise Features and Management
Multi-User Management
# User management
Invicti.exe --add-user --username "john.doe" \
--email "john.doe@company.com" \
--role "Security Analyst" \
--permissions "scan,view_reports"
# Role-based access control
Invicti.exe --create-role --name "Developer" \
--permissions "view_own_scans,create_scans" \
--restrictions "no_admin_access"
# Team and project management
Invicti.exe --create-team --name "Web Security Team" \
--members "john.doe,jane.smith" \
--projects "WebApp1,WebApp2"
Centralized Scanning Management
# Scan scheduling
Invicti.exe --schedule-scan --url "https://example.com" \
--schedule "daily" \
--time "02:00" \
--timezone "UTC" \
--profile "Standard Web App"
# Distributed scanning setup
Invicti.exe --configure-scan-agent --name "Agent1" \
--location "DataCenter1" \
--max-concurrent-scans 5
# Scan queue management
Invicti.exe --view-scan-queue
Invicti.exe --prioritize-scan --scan-id "12345" --priority high
Invicti.exe --cancel-scan --scan-id "12345"
Compliance and Reporting
# Compliance reporting
Invicti.exe --generate-compliance-report \
--framework "PCI-DSS" \
--projects "all" \
--period "quarterly" \
--output "pci_compliance_report.pdf"
# Executive dashboard export
Invicti.exe --export-dashboard --type "executive" \
--format "pdf" \
--include-trends \
--output "executive_dashboard.pdf"
# Vulnerability trend analysis
Invicti.exe --analyze-trends --projects "all" \
--period "last_6_months" \
--metrics "vulnerability_count,severity_distribution" \
--output "trend_analysis.json"
CI/CD Integration
Jenkins Integration
// Jenkinsfile
pipeline {
agent any
environment {
INVICTI_API_TOKEN = credentials('invicti-api-token')
}
stages {
stage('Build') {
steps {
// Build application
sh 'npm install && npm run build'
}
}
stage('Deploy to Staging') {
steps {
// Deploy to staging environment
sh 'docker-compose up -d'
// Wait for application to be ready
sh 'sleep 30'
}
}
stage('Security Scan') {
steps {
script {
// Start Invicti scan
def scanResult = sh(
script: """
Invicti.exe --scan --url "http://staging.example.com" \
--profile "CI/CD Security" \
--api-token "${INVICTI_API_TOKEN}" \
--wait-for-completion \
--max-scan-time 30m \
--output-format json
""",
returnStdout: true
)
def scanData = readJSON text: scanResult
// Check for critical vulnerabilities
if (scanData.vulnerabilities.critical > 0) {
error("Critical vulnerabilities found: ${scanData.vulnerabilities.critical}")
}
// Generate report
sh """
Invicti.exe --export-report --scan-id "${scanData.scanId}" \
--format "html" \
--output "security_report.html"
"""
}
}
}
stage('Deploy to Production') {
when {
branch 'main'
}
steps {
echo 'Deploying to production...'
// Production deployment steps
}
}
}
post {
always {
archiveArtifacts artifacts: 'security_report.html', fingerprint: true
publishHTML([
allowMissing: false,
alwaysLinkToLastBuild: true,
keepAll: true,
reportDir: '.',
reportFiles: 'security_report.html',
reportName: 'Invicti Security Report'
])
}
failure {
emailext (
subject: "Security Scan Failed: ${env.JOB_NAME} - ${env.BUILD_NUMBER}",
body: "Security vulnerabilities found in build ${env.BUILD_NUMBER}. Check the report for details.",
to: "security-team@company.com"
)
}
}
}
Azure DevOps Integration
# azure-pipelines.yml
trigger:
- main
- develop
pool:
vmImage: 'windows-latest'
variables:
invictiApiToken: $(INVICTI_API_TOKEN)
stages:
- stage: Build
jobs:
- job: BuildApp
steps:
- task: NodeTool@0
inputs:
versionSpec: '16.x'
- script: |
npm install
npm run build
displayName: 'Build Application'
- stage: SecurityScan
dependsOn: Build
jobs:
- job: InvictiScan
steps:
- task: PowerShell@2
displayName: 'Run Invicti Security Scan'
inputs:
targetType: 'inline'
script: |
$scanResult = & "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--scan `
--url "https://$(Build.BuildId).staging.example.com" `
--profile "Azure DevOps" `
--api-token "$(invictiApiToken)" `
--wait-for-completion `
--max-scan-time "30m" `
--output-format "json"
$scanData = $scanResult | ConvertFrom-Json
if ($scanData.vulnerabilities.critical -gt 0) {
Write-Error "Critical vulnerabilities found: $($scanData.vulnerabilities.critical)"
exit 1
}
# Export report
& "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--export-report `
--scan-id "$($scanData.scanId)" `
--format "html" `
--output "$(Agent.TempDirectory)\security_report.html"
- task: PublishHtmlReport@1
displayName: 'Publish Security Report'
inputs:
reportDir: '$(Agent.TempDirectory)'
tabName: 'Invicti Security Report'
- stage: Deploy
dependsOn: SecurityScan
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
jobs:
- deployment: DeployToProduction
environment: 'production'
strategy:
runOnce:
deploy:
steps:
- script: echo "Deploying to production..."
displayName: 'Deploy Application'
GitHub Actions Integration
# .github/workflows/security-scan.yml
name: Security Scan with Invicti
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
jobs:
security-scan:
runs-on: windows-latest
steps:
- uses: actions/checkout@v3
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '16'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Build application
run: npm run build
- name: Deploy to staging
run: |
# Deploy application to staging environment
echo "Deploying to staging..."
- name: Run Invicti Security Scan
env:
INVICTI_API_TOKEN: ${{ secrets.INVICTI_API_TOKEN }}
run: |
$scanResult = & "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--scan `
--url "https://staging.example.com" `
--profile "GitHub Actions" `
--api-token "$env:INVICTI_API_TOKEN" `
--wait-for-completion `
--max-scan-time "30m" `
--output-format "json"
$scanData = $scanResult | ConvertFrom-Json
# Export detailed report
& "C:\Program Files\Invicti\Enterprise\Invicti.exe" `
--export-report `
--scan-id "$($scanData.scanId)" `
--format "json" `
--output "security_results.json"
# Check for critical vulnerabilities
if ($scanData.vulnerabilities.critical -gt 0) {
Write-Error "Critical vulnerabilities found: $($scanData.vulnerabilities.critical)"
exit 1
}
- name: Upload Security Results
uses: actions/upload-artifact@v3
if: always()
with:
name: security-scan-results
path: security_results.json
- name: Comment PR with Results
if: github.event_name == 'pull_request'
uses: actions/github-script@v6
with:
script: |
const fs = require('fs');
const results = JSON.parse(fs.readFileSync('security_results.json', 'utf8'));
const comment = `## 🔒 Security Scan Results
**Vulnerabilities Found:**
- Critical: ${results.vulnerabilities.critical}
- High: ${results.vulnerabilities.high}
- Medium: ${results.vulnerabilities.medium}
- Low: ${results.vulnerabilities.low}
**Scan Details:**
- Scan ID: ${results.scanId}
- Duration: ${results.scanDuration}
- Pages Scanned: ${results.pagesScanned}
${results.vulnerabilities.critical > 0 ? '❌ **Critical vulnerabilities found! Please review and fix before merging.**' : '✅ **No critical vulnerabilities found.**'}
`;
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
});
API and Automation
REST API Usage
# Authentication
export INVICTI_API_TOKEN="your_api_token_here"
export INVICTI_BASE_URL="https://invicti.company.com/api/1.0"
# Get scan list
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \
"$INVICTI_BASE_URL/scans"
# Start a new scan
curl -X POST \
-H "Authorization: Bearer $INVICTI_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"TargetUrl": "https://example.com",
"ProfileId": "standard-web-app",
"ScanType": "FullWithPrimaryProfile"
}' \
"$INVICTI_BASE_URL/scans"
# Get scan status
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \
"$INVICTI_BASE_URL/scans/12345"
# Download scan report
curl -H "Authorization: Bearer $INVICTI_API_TOKEN" \
"$INVICTI_BASE_URL/scans/12345/report?format=pdf" \
-o "scan_report.pdf"
PowerShell Automation
# Invicti PowerShell automation script
param(
[Parameter(Mandatory=$true)]
[string]$TargetUrl,
[Parameter(Mandatory=$true)]
[string]$ApiToken,
[string]$ProfileName = "Standard Web App",
[int]$MaxScanTime = 120,
[string]$OutputPath = "."
)
# Set up API headers
$headers = @{
"Authorization" = "Bearer $ApiToken"
"Content-Type" = "application/json"
}
$baseUrl = "https://invicti.company.com/api/1.0"
# Function to start scan
function Start-InvictiScan {
param($url, $profile)
$scanRequest = @{
TargetUrl = $url
ProfileId = $profile
ScanType = "FullWithPrimaryProfile"
MaxScanTime = $MaxScanTime
} | ConvertTo-Json
$response = Invoke-RestMethod -Uri "$baseUrl/scans" -Method POST -Headers $headers -Body $scanRequest
return $response.Id
}
# Function to wait for scan completion
function Wait-ForScanCompletion {
param($scanId)
do {
Start-Sleep -Seconds 30
$scanStatus = Invoke-RestMethod -Uri "$baseUrl/scans/$scanId" -Headers $headers
Write-Host "Scan status: $($scanStatus.State) - Progress: $($scanStatus.Progress)%"
} while ($scanStatus.State -eq "Running")
return $scanStatus
}
# Function to download report
function Get-ScanReport {
param($scanId, $format = "pdf")
$reportUrl = "$baseUrl/scans/$scanId/report?format=$format"
$outputFile = Join-Path $OutputPath "invicti_report_$scanId.$format"
Invoke-WebRequest -Uri $reportUrl -Headers $headers -OutFile $outputFile
return $outputFile
}
# Main execution
try {
Write-Host "Starting Invicti scan for: $TargetUrl"
# Start scan
$scanId = Start-InvictiScan -url $TargetUrl -profile $ProfileName
Write-Host "Scan started with ID: $scanId"
# Wait for completion
$finalStatus = Wait-ForScanCompletion -scanId $scanId
Write-Host "Scan completed with status: $($finalStatus.State)"
# Download reports
$pdfReport = Get-ScanReport -scanId $scanId -format "pdf"
$jsonReport = Get-ScanReport -scanId $scanId -format "json"
Write-Host "Reports downloaded:"
Write-Host " PDF: $pdfReport"
Write-Host " JSON: $jsonReport"
# Parse results
$results = Get-Content $jsonReport | ConvertFrom-Json
$criticalCount = ($results.Vulnerabilities | Where-Object { $_.Severity -eq "Critical" }).Count
$highCount = ($results.Vulnerabilities | Where-Object { $_.Severity -eq "High" }).Count
Write-Host "Vulnerability Summary:"
Write-Host " Critical: $criticalCount"
Write-Host " High: $highCount"
Write-Host " Total: $($results.Vulnerabilities.Count)"
# Exit with error if critical vulnerabilities found
if ($criticalCount -gt 0) {
Write-Error "Critical vulnerabilities found! Scan failed."
exit 1
}
Write-Host "Scan completed successfully!"
} catch {
Write-Error "Scan failed: $($_.Exception.Message)"
exit 1
}
Advanced Configuration and Customization
Custom Vulnerability Checks
<!-- custom_checks.xml -->
<CustomChecks>
<Check id="custom_sql_injection">
<Name>Advanced SQL Injection Detection</Name>
<Description>Custom SQL injection patterns for specific application</Description>
<Category>Injection</Category>
<Severity>High</Severity>
<TestCases>
<TestCase>
<Payload>' OR '1'='1' --</Payload>
<ExpectedResponse type="error_message">SQL syntax error</ExpectedResponse>
</TestCase>
<TestCase>
<Payload>1' UNION SELECT 1,2,3 --</Payload>
<ExpectedResponse type="content_change">significant</ExpectedResponse>
</TestCase>
</TestCases>
<FalsePositiveReduction>
<ExcludeIfContains>test environment</ExcludeIfContains>
<ExcludeIfContains>demo data</ExcludeIfContains>
</FalsePositiveReduction>
</Check>
<Check id="custom_business_logic">
<Name>Business Logic Flaw Detection</Name>
<Description>Custom business logic vulnerability checks</Description>
<Category>BusinessLogic</Category>
<Severity>Medium</Severity>
<TestCases>
<TestCase>
<Description>Price manipulation test</Description>
<Steps>
<Step type="navigate">checkout.php</Step>
<Step type="modify_parameter">price=-100</Step>
<Step type="submit_form">checkout_form</Step>
</Steps>
<ExpectedResponse type="success_indicator">Order confirmed</ExpectedResponse>
</TestCase>
</TestCases>
</Check>
</CustomChecks>
Integration with External Tools
# invicti_integration.py
import requests
import json
import time
from typing import Dict, List, Optional
class InvictiIntegration:
def __init__(self, api_token: str, base_url: str = "https://invicti.company.com/api/1.0"):
self.api_token = api_token
self.base_url = base_url
self.headers = {
"Authorization": f"Bearer {api_token}",
"Content-Type": "application/json"
}
def start_scan(self, target_url: str, profile_id: str = "standard-web-app") -> str:
"""Start a new security scan"""
scan_data = {
"TargetUrl": target_url,
"ProfileId": profile_id,
"ScanType": "FullWithPrimaryProfile"
}
response = requests.post(
f"{self.base_url}/scans",
headers=self.headers,
json=scan_data
)
if response.status_code == 201:
return response.json()["Id"]
else:
raise Exception(f"Failed to start scan: {response.text}")
def get_scan_status(self, scan_id: str) -> Dict:
"""Get scan status and progress"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}",
headers=self.headers
)
return response.json()
def wait_for_scan_completion(self, scan_id: str, timeout: int = 7200) -> Dict:
"""Wait for scan to complete with timeout"""
start_time = time.time()
while time.time() - start_time < timeout:
status = self.get_scan_status(scan_id)
if status["State"] in ["Completed", "Failed", "Aborted"]:
return status
print(f"Scan progress: {status['Progress']}%")
time.sleep(30)
raise TimeoutError("Scan did not complete within timeout")
def get_vulnerabilities(self, scan_id: str) -> List[Dict]:
"""Get vulnerabilities from completed scan"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}/vulnerabilities",
headers=self.headers
)
return response.json()
def export_report(self, scan_id: str, format: str = "json") -> bytes:
"""Export scan report in specified format"""
response = requests.get(
f"{self.base_url}/scans/{scan_id}/report?format={format}",
headers=self.headers
)
return response.content
def create_jira_tickets(self, vulnerabilities: List[Dict], jira_config: Dict) -> List[str]:
"""Create Jira tickets for high/critical vulnerabilities"""
jira_tickets = []
for vuln in vulnerabilities:
if vuln["Severity"] in ["Critical", "High"]:
ticket_data = {
"fields": {
"project": {"key": jira_config["project_key"]},
"summary": f"Security Vulnerability: {vuln['Name']}",
"description": f"""
Vulnerability Details:
- Type: {vuln['Type']}
- Severity: {vuln['Severity']}
- URL: {vuln['Url']}
- Description: {vuln['Description']}
- Remediation: {vuln['Remediation']}
Invicti Scan ID: {vuln['ScanId']}
""",
"issuetype": {"name": "Bug"},
"priority": {"name": "High" if vuln["Severity"] == "Critical" else "Medium"},
"labels": ["security", "invicti", vuln["Type"].lower()]
}
}
jira_response = requests.post(
f"{jira_config['base_url']}/rest/api/2/issue",
auth=(jira_config["username"], jira_config["password"]),
headers={"Content-Type": "application/json"},
json=ticket_data
)
if jira_response.status_code == 201:
ticket_key = jira_response.json()["key"]
jira_tickets.append(ticket_key)
print(f"Created Jira ticket: {ticket_key}")
return jira_tickets
def send_slack_notification(self, scan_results: Dict, webhook_url: str):
"""Send scan results to Slack"""
critical_count = len([v for v in scan_results["vulnerabilities"] if v["Severity"] == "Critical"])
high_count = len([v for v in scan_results["vulnerabilities"] if v["Severity"] == "High"])
color = "danger" if critical_count > 0 else "warning" if high_count > 0 else "good"
message = {
"attachments": [
{
"color": color,
"title": f"Invicti Security Scan Results - {scan_results['target_url']}",
"fields": [
{
"title": "Critical Vulnerabilities",
"value": str(critical_count),
"short": True
},
{
"title": "High Vulnerabilities",
"value": str(high_count),
"short": True
},
{
"title": "Scan Duration",
"value": scan_results["duration"],
"short": True
},
{
"title": "Pages Scanned",
"value": str(scan_results["pages_scanned"]),
"short": True
}
]
}
]
}
requests.post(webhook_url, json=message)
# Usage example
invicti = InvictiIntegration("your_api_token")
# Start scan
scan_id = invicti.start_scan("https://example.com", "comprehensive-profile")
print(f"Started scan: {scan_id}")
# Wait for completion
scan_status = invicti.wait_for_scan_completion(scan_id)
print(f"Scan completed: {scan_status['State']}")
# Get vulnerabilities
vulnerabilities = invicti.get_vulnerabilities(scan_id)
print(f"Found {len(vulnerabilities)} vulnerabilities")
# Create Jira tickets for critical/high vulnerabilities
jira_config = {
"base_url": "https://company.atlassian.net",
"username": "jira_user",
"password": "jira_password",
"project_key": "SEC"
}
tickets = invicti.create_jira_tickets(vulnerabilities, jira_config)
print(f"Created {len(tickets)} Jira tickets")
# Send Slack notification
scan_results = {
"target_url": "https://example.com",
"vulnerabilities": vulnerabilities,
"duration": "2h 15m",
"pages_scanned": 1250
}
invicti.send_slack_notification(scan_results, "https://hooks.slack.com/services/...")
Troubleshooting and Best Practices
Performance Optimization
# Optimize scan performance
Invicti.exe --configure-performance \
--max-concurrent-requests 15 \
--request-delay 500 \
--timeout 45000 \
--memory-limit 8GB
# Database optimization (Enterprise)
Invicti.exe --optimize-database \
--rebuild-indexes \
--update-statistics \
--cleanup-old-scans 90d
# Network optimization
Invicti.exe --configure-network \
--connection-pool-size 50 \
--keep-alive-timeout 30s \
--dns-cache-timeout 300s
Common Issues and Solutions
# Authentication issues
Invicti.exe --test-authentication --url "https://app.example.com" \
--auth-sequence "login_sequence.xml" \
--verbose
# Scan failures and timeouts
Invicti.exe --diagnose-scan-issues --scan-id "12345" \
--export-debug-log "debug.log"
# False positive management
Invicti.exe --manage-false-positives \
--vulnerability-id "vuln-123" \
--mark-false-positive \
--reason "Test environment data"
# Performance issues
Invicti.exe --performance-analysis --scan-id "12345" \
--generate-performance-report
Security Best Practices
# Secure configuration
Invicti.exe --secure-configuration \
--enable-encryption \
--require-strong-passwords \
--enable-audit-logging \
--session-timeout 30m
# Access control
Invicti.exe --configure-access-control \
--enable-rbac \
--require-mfa \
--ip-whitelist "192.168.1.0/24,10.0.0.0/8"
# Data protection
Invicti.exe --configure-data-protection \
--encrypt-sensitive-data \
--anonymize-scan-data \
--data-retention-policy 365d