Video: Web App Scanning With Credentials Using Nessus
Scanning web applications that require credentials can be a bit tricky as different applications may handle the authentication process in different ways. Nessus has configuration options that will allow you to define the authentication parameters for each application. Nessus also allows users to define pages that are not to be accessed during the web mirroring process, such as "logout.php", which prevents Nessus from being logged out of the application.
We have produced a video demonstration that walks you through configuring authentication for your web application Nessus scans:
A complete blog post was also published on this topic titled "Scanning Web Applications That Require Authentication".
Are You Vulnerable to the Latest Exploits?
Enter your email to receive the latest cyber exposure alerts in your inbox.