Sha256: dea896658f7534c5a57d04a7c0a43bbe94bf4c1ed1a6a895d99400728f681549
Contents?: true
Size: 1.72 KB
Versions: 8
Compression:
Stored size: 1.72 KB
Contents
<% content_for :title, 'Help' %>
<div class="hero-unit">
<h1>Fear not, help is at hand.</h1>
</div>
<div class="alert">
<strong>Warning!</strong>
You will need to clear your browser's cookies for the site before using
the proxy.
</div>
<div class="well">
<h2>Recording a log-in sequence</h2>
<div class="alert">
<strong>Warning!</strong>
<p>Log-out detection and automated re-login are performed on a best-effort basis.</p>
<p>They do not remove the need to exclude paths which can interfere with the session (like log-out links)
using the appropriate options (like <code>--exclude='pattern'</code> for the command line UI).</p>
<p>In fact, accurately specifying destructive paths to exclude should be your priority.</p>
</div>
<p>
You can click the little circle on the left of the control-panel to
start recording a login sequence.
Once you are done, you will be asked to provide some more details
and verify that the information the proxy managed to deduce is accurate.
</p>
<p>
If everything goes as planned, by the end, Arachni will have been configured
in a way that will allow it to maintain a valid session with the web
application and re-login as needed.
</p>
<h3>Caveats</h3>
<p>
If there is JavaScript involved in the generation of the login form the
proxy may be unable to spot it.
</p>
</div>
<div class="well">
<h2>Shutting down and starting the scan</h2>
<p>
To shutdown the proxy and continue with the audit, hit the power-off button.
After a couple of seconds the proxy will shutdown and the system will move
on with the scan.
</p>
</div>
Version data entries
8 entries across 8 versions & 1 rubygems