Managing Discovery Service in Acunetix 360

The Discovered Websites page displays and lets you manage all websites Acunetix 360 has discovered:

  • This page operates like a To-Do list. It is highly recommended that you keep on top of this list, and process discovered items, by creating or excluding each discovered website every time you log in.
  • You can filter results in each of the columns.

Tips

The Status column's default filter is set to New so that newly discovered websites are displayed.


This topic explains how to manage the Discovery Service in Acunetix 360. For further information on the Discovery Service, see
Application and Service Discovery. Creating or blacklisting websites identified by the discovery service? See Creating websites via Discovery Service.

Discovered Websites fields

This table lists and explains the panels in the Discovered Websites page.

Field

Description

Authority

This is the hostname or IP address and port number for a server. For example, in http://example.com:81/, example.com:81 is the authority.  

IP Address

This is the IP address of the website.

Top Level Domain

The TLD refers to the last segment of a domain name, or the part that follows immediately after the dot(.) symbol. For example, in the domain name www.example.com, the top-level domain is 'com'. TLDs are mainly classified into two categories: generic TLDs and country-specific TLDs. Examples of some of the popular TLDs include: .com, .org, .net, .gov, .biz and .edu.

Second Level Domain

A second-level domain is a domain that is directly below a top-level domain (TLD). For example, in example.com, 'example' is the second-level domain of the .com TLD.

Organizational Name

This is the name of the organization that is registered as the owner of the website.

Status

This is the status of the website. The options are:

  • New: This indicates websites that have just been discovered (default) (only available on the On-Premises)
  • Discovered: This indicates websites that have just been discovered (only available on the On-Demand)
  • Ignored: This indicates websites that you've ignored
  • Created: This indicates websites that you've created

Tags

This column displays the tags you added to the discovered website. For further information, see Tagging discovered websites in Acunetix 360.

Discovered Date

This column displays when Invicti first discovered your web asset. You can filter results based on the date range.

This is only available on the Acunetix 360 On-Demand.

Column filters

All columns can be filtered, using a highly customizable combination of Fields, Operators, and Values. Each is explained below. This is useful for teams that manage the security of many websites.

Filters & Values

This table lists the filters and values available for the columns listed above. Select an option to filter the list by that criterion.

  • In many cases, values can be entered into the value field; in others, the value can be selected from a drop-down menu.
  • You can enter more than one filter at a time.

Field

Description

Value

Authority

Select to filter by the authority.

Enter a value.

IP Address

Select to filter by the IP Address.

Enter a value.

Second Level Domain

Select to filter by the second level domain.

Enter a value.

Top Level Domain

Select to filter by the top level domain.

Enter a value.

Organization Name

Select to filter by the organization name.

Select a date.

Status

Select to filter by the status. The Status column's default filter is set to New

The drop-down options are:

  • (Not Set)
  • Created
  • Ignored
  • New

Distance

Select to filter by distance.

Enter a value. The options are: 0 and 1.

  • 0 means those websites that Acunetix 360 discovered according to the discovery service settings.
  • 1 means those websites that Acunetix 360 discovered on the same IP address.

Registered Domain?

Select to filter by registered domain.

The drop-down options are:

  • (Not Set)
  • Yes
  • No

Operator

This table lists and explains the Operators available for filtering columns. They work in conjunction with the Field, Operator, and Value.

Operator

Description

Equal

This operator can be used for exact matching. For example, if you filtered by the Target URL http://www.example.com/, the filtered list of results would not also list http://api.example.com.

Not Equal

This operator can be used to exclude some results based on exactly matching. For example, if you filtered by the Target URL of http://www.example.com/, the filtered list of results would exclude scans for that one.

Contains

This operator can be used to include results if the filtered column contains the value. It does not matter where the value is. For example, you could filter for the word 'production'.

Not Contains

This operator can be used to exclude certain results on the Websites page.

Starts with

This operator can be used to filter for columns that begin with the value. For example, you could filter for Website fields that begin with the 'https://' scheme.

Ends with

This operator can be used to filter for columns that end with the value. For example, you could filter for Website Name fields ending with 'Staging'.

Less than

This operator can be used to filter columns that contain numeric values rather than string values.

Less than or equal

This operator can be used to filter columns that contain numeric values rather than string values.

Greater than or equal

This operator can be used to filter columns that contain numeric values rather than string values.

Greater than

This operator can be used to filter columns that contain numeric values rather than string values.

Filtering discovered websites

Filters enable you to find discovered websites that match given criteria.

How to filter your list of discovered websites
  1. In the Discovered Websites window, select the filter button (  ) next to any column header.
  1. Select to clear all fields.
  2. Add a new filter if necessary (see How to add a new filter).
  3. In the relevant field, where relevant:
  • From the Field drop-down, select an option
  • From the Operator drop-down, select an option
  • In the Value field, enter a value
  1. Select Apply. The list is filtered by the selected criteria.
How to add a new filter
  1. In the Discovered Websites window, click the filter button ( ) above the Discovered Websites field next to any column header. The filter dialog is displayed.
  2. In the filter dialog, select New Filter. A new row is displayed.
  3. Configure as required.
How to filter using faceted search

You can also filter the list of Discovered Websites using a faceted search. Select the number next to the IP Address, Second Level Domain, Top Level Domain, or Organization Name in any row to filter on that criteria.

The list will display only websites that fit the criteria you've clicked on.

Configuring Service Discovery settings

In this page, you can configure the settings that determine how the discovered websites list searches for online resources.

The discovery process uses specific parameters to suggest websites:

  1. IP Address or IP Range
  2. Second Level Domain (SLD)
  3. Top-Level Domain (TLD)
  4. Organization Name

You can extend or narrow the results using these parameters, for example:

  • You can select to detect all websites that have SLD acunetix
  • You can select to detect all websites that have TLD .gov

The Service Discovery settings page has eight tabs. Each is outlined as the following:

Match Settings

This table lists and explains the sections in the Match Settings tab. They are all enabled by default.

Setting

Description

Email Matching

Enable to use your account's email address second level domain as a matching option.

Website Matching

Enable to use your added website's second level domain as a matching option. The website matching option has a limit of 32 websites.

Only Registered Domains

Enable to exclude web services that do not have a publicly available DNS record.

Reverse IP Lookup

Enable to take the IP address pointing to a web server and search for other sites known to be hosted on the same web server.

Organization Name Matching

Enable to conduct another scan via the Organization Names extracted from the result set’s TLS certificates.

Second Level Domains

This tab lists the addresses that are below the top-level domains. A second-level domain is a domain that is directly below a top-level domain (TLD). For example, in example.com, 'example' is the second-level domain of the .com TLD.

Organizations

This tab lists the organization name (listed in the certificate's organization name fields or website's copyright section) for each website or service that you want included in your Discovered Websites list.

IP Addresses

This tab lists the IP addresses for each website or service that you want included in your Discovered Websites list.

Excluded Second Level Domains

This tab lists the second-level domains for each website or service that you want excluded from your Discovered Websites list.

Excluded Top Level Domains

This tab lists the top-level domains for each website or service that you want excluded from your Discovered Websites list. The TLD refers to the last segment of a domain name, or the part that follows immediately after the dot(.) symbol.

Excluded Organizational Names

This tab lists the name of the organizations whose websites should be excluded from the service.

Excluded IP Addresses

This tab lists the IP Addresses whose websites you would like excluded from the Discovered Websites list.

How to configure the Service Discovery settings
  1. Log in to Acunetix 360.
  2. From the main menu, select Discovery > Settings.

  1. Configure the settings as explained in the table above.
  2. Select Save & Recrawl.

 

« Back to the Acunetix Support Page