What are Deep Scans?
Contrary to a Quick Scan, Deep Scan is a scan that is executed once in a workflow-like method to uncover vulnerabilities in your selected target or URL.
Starting a Deep Scan on a single URL
To start or launch a Deep Scan:
- Navigate to
- Select Deep Scan
- Select URL in case this option is not selected
Next, under the Target URL section, enter your URL to scan. Example:
Afterwards, select what web security vulnerabilities you’d like to scan for. As we already defined our target URL to scan, we would not have to perform any kind of asset discovery (except content discovery, more on this later).
And finally, click on Run Scan to run the scan. You will be redirected in a moment to the results page.
Live Results: The scanner is capable of saving the first results as soon as they are available. This may mean that your scan is marked as “finished” but still has a few scans running in the background.
You can consult the Scans tab in your Deep Scan result page to view the status of each individual child process launched.
What is happening now after I start a Deep Scan?
The workflow is optimized to uncover as much many vulnerabilities as possible. The scanner first starts off with a thourough content discovery scan. This scan (performed by SPIDER X) is responsible for gathering all possible paths, app routes, files, and possible (query) parameters through various methods like:
- Headless crawling (including listening for browser events and enumerating app routes from well-known technologies in global Window Objects)
- HTTP Response Analysis
- Public Web Archives
- Common Config Files (like
- And soon also targeted bruteforcing with dynamically generated wordlists based on a few key parameters (like technologies, language, common naming patterns, etc.)
After the content discovery scan finishes, it will automatically pass the data to the next scanners to scan for for example CWE-79 (XSS) or CWE-601 (Open URL Redirects).
More scanners will be added over time.
WAYPOINTS is our new template-based scanner which allows you to define scanner rules and find all sorts of security vulnerabilities. This can significantly help increase the discovery of 0-day and 1-day security vulnerabilities (often used to gain initial foothold into an organisation’s network).