Web User Interface

The web user interface allows multiple Users to perform and manage multiple Scans and then collaborate on those Scans and the Issues they have logged. It also makes handling and taking advantage of the distributed nature of Arachni very easy, allowing you to spread the workload of many Scans across a pool of Dispatchers.

  • Administrators can manage all:
    • Users
    • Scan configuration Profiles
      • Can set Global Profiles which are available to everyone.
      • Can set the system-wide default Profile.
    • Scans
    • Scan Issues
    • Scan Groups
    • Dispatchers
      • Can set Global Dispatchers which are available to everyone.
      • Can set the system-wide default Dispatcher.
    • Settings
      • Scan
        • Allowed types.
        • Target whitelist using regular expressions.
        • Target blacklist using regular expressions.
        • Global scan limit — Maximum number of active scans at any given time.
        • Per user limit — Maximum number of active scans at any given time per user.
      • Profile
        • Allowed modules.
  • Users can:
    • Manage, create and share Dispatchers with each other.
    • Manage, create and share Scan configuration Profiles with each other.
    • Start Scans using one of the available Profiles (and optionally Dispatchers).
    • Organize Scans into Scan Groups for easier management and share their Groups with each other.
    • Manage, comment, share and export reports of their Scans.
    • Discuss and Review Issues:
      • Mark them as false positives
      • Mark them as fixed
      • Mark them as requiring manual verification
        • Add verification steps
        • Mark them as verified
    • Receive Notifications for:
      • Shared Profiles — Created, updated, shared, deleted.
      • Shared Scans — Started, paused, resumed, aborted, commented.
      • Issues of shared Scans — Reviewed, verified, commented.
    • Review their Activity.
    • Export reports, review and comment on Scans which have been shared with them by other users.
  • Available Scan types:
    • Direct — From the WebUI machine to the webapp, no need to set up anything else.
    • Remote — Using a Dispatcher.
      • Scan is performed from the machine of the Dispatcher to the webapp.
      • Scan assignments can be load balanced when there are multiple Dispatchers available.
    • Grid — Using multiple Dispatchers.
      • Scan is performed using multiple machines for a super-fast crawl and audit.
      • Scan assignments can be load balanced.
    • Repeat/Revision
      • Repeats a finished scan to identify fixed or new issues.
      • Can use sitemaps of previous revisions to:
        • Avoid crawling
        • Extend a new crawl
    • Overview — Combines the results of multiple revisions for easy review/management.
  • Scans can be scheduled to be performed at a later date or at predefined intervals.
    • Recurring scans are incremental, with each occurrence being a separate revision.
  • Scan reports can be exported in multiple formats (HTML, XML, YAML and more).
  • Simple, clean, responsive design suitable for desktops, tablets and mobile phones.