3.1 Crawling, Scope, and Auditing (Performing the Scan)
All right. Welcome to the third module, where we're actually gonna scan a live website available on the Internet.
The site is altoromutual.com. It is a real site. It's a demo site used by IBM to demonstrate the capabilities of IBM AppScan. So it's nothing illegal that you're going to be doing. It's all fine. People do this all the time. We'll also go over web crawling, the scoping aspect of Burp Suite, and the different audit policies. And we're also looking at the different audit libraries.
So let me minimize this and go ahead and get Burp Suite going. Let's crank up the suite.
All right? We're not going to update anything. We're gonna go with the temporary project. You'll be able to save everything at the end, and we'll start Burp Suite up right now.
Okay, let's go back to our browser. And I'll use FoxyProxy to turn on my proxy for Burp Suite. Is Burp there? And I'm going to the website, altoromutual.com. So we're trying to go to the website now. You'll notice that nothing is happening down here; it keeps saying, you know, waiting for Google. Nothing's happening.
And the reason for that is Burp Suite has something called Intercept, and it allows you to look at packets as they're going through. Before you scan anything or actually do a crawl, you want to turn Intercept off. Okay, Intercept is off right now. So now that Intercept is off, I see our site. Altoro Mutual is there. Okay,
so the other sites, you can delete these if you like. Uh, nothing's gonna happen because we're not gonna scan those, but I will delete them. You can see it's going to keep going, all right? And the user options here.
User options. Here is where you would actually put in the user ID and password that you want it to log in with, and have the scan walk through the web server and actually check it. We're not gonna do any authenticated scans, not in this go-around. So we're just going to do a plain, unauthenticated scan. Okay? I'm on Target. All right. Right-click, and add that to the scope. And you notice when things are active, it lights up in orange. So this is our scope right here. All right.
So go back to your options. Okay? SOCKS, nothing there again. Even when I did that, still nothing here. Project options.
We're gonna drop all out-of-scope requests, so we just want to scan our particular site. That's it.
Let's go back to Target, Site map. From here, right-click, and we're going to Scan. All right, here you see Crawl and audit. You have just Crawl, and Audit selected items. All right, we're gonna do a crawl and audit. Crawling means it's gonna actually look at the entire directory and pick up everything that it can pick up that it should actually scan. That's what crawling means, and audit means actually checking for vulnerabilities.
We're not, as I said, we're not logging in or doing anything like that. So we'll select from the library itself that's already there. We'll go with Never stop crawl due to application errors, uh, Never stop audit due to application errors, we're gonna go with the fastest crawl strategy we can since we are in the class, and we'll do all the audit checks except, um, JavaScript analysis. Okay, so click Okay.
If you notice here, you can see things are starting. So if you go back to the Dashboard, you can do a pull-out, and you can see down here it indicates the crawl is going right now. And it always tries to give you estimated time remaining, but you will see that bounce around a whole lot. Um, it may go from two hours, and then it may jump all the way down to 45 minutes, so it will go back and forth a lot, depending on network speed and activity on the server. You kind of want to do web scans when things are actually inactive. So, you know, that's why a lot of web scans occur late in the night or in the middle of the night, depending on when it's least active. But our crawl is going well. No audit items yet; it's still crawling.
So now we're beginning our actual audit phase. We have already picked up three issues. All right. Severity. It's picking up things already, and you can also filter here, just click on. You see all the highs it's found. Any mediums? None yet. Low, no. Info, it always finds a lot of info. And Burp is also classifying, uh, its certainty that the issue is actually present, based on Certain, Firm, or Tentative. Certain being, yeah, 100% sure it's there. Firm, probably 75, 80%. Tentative, maybe, could be, maybe not. So as you highlight the different severities you can see, you just see those, if you like.
Still estimating time remaining, but it's already found things. Eight errors it has checked. The errors, have you seen any errors in the log? I don't see anything. There we go. The bugs. Okay. It's gonna keep going and check.
Okay, we're very confident the scan is going to complete right now, so I'll go ahead and end this module, and I'll see you in the last, final module, and we'll see what the scan looks like.
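The scoping step described in this module (add the target to scope, then set Project options to drop all out-of-scope requests) can be modelled in a few lines so it is clear what the proxy is actually deciding per request. The Python below is an added example, not Burp's own code. Its rule semantics are an assumption, simplified from what scanners typically do: an include rule matches on protocol, host (exact, or any subdomain when the rule host starts with a dot), port and path prefix, and exclude rules take priority over include rules. The request list is constructed; the only host in it that comes from the module is altoromutual.com.

```python
"""Toy model of a Burp-style target scope plus the Proxy option
'drop all out-of-scope requests' (added example, not Burp's code).

Assumed, simplified rule semantics: an include rule matches on protocol,
host (exact, or any subdomain when the rule host starts with a dot),
port and path prefix; exclude rules take priority over include rules.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple
from urllib.parse import urlsplit


@dataclass
class ScopeRule:
    host: str                        # "www.example.com" or ".example.com"
    protocol: Optional[str] = None   # None = any scheme
    port: Optional[int] = None       # None = any port
    path_prefix: str = "/"           # request path must start with this

    def matches(self, url: str) -> bool:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        port = parts.port or (443 if parts.scheme == "https" else 80)
        if self.protocol and parts.scheme != self.protocol:
            return False
        if self.port is not None and port != self.port:
            return False
        rule_host = self.host.lower()
        if rule_host.startswith("."):
            # ".example.com" covers example.com itself and every subdomain,
            # but not look-alike hosts such as "evilexample.com"
            if host != rule_host[1:] and not host.endswith(rule_host):
                return False
        elif host != rule_host:
            return False
        return (parts.path or "/").startswith(self.path_prefix)


@dataclass
class TargetScope:
    include: List[ScopeRule] = field(default_factory=list)
    exclude: List[ScopeRule] = field(default_factory=list)

    def in_scope(self, url: str) -> bool:
        # Exclusions win, so a logout or admin path can be carved out of an included host
        if any(rule.matches(url) for rule in self.exclude):
            return False
        return any(rule.matches(url) for rule in self.include)


def filter_proxy_traffic(scope: TargetScope, urls: List[str],
                         drop_out_of_scope: bool = True) -> Tuple[List[str], List[str]]:
    """Split requests into (forwarded, dropped), as the proxy option would."""
    forwarded, dropped = [], []
    for url in urls:
        if scope.in_scope(url) or not drop_out_of_scope:
            forwarded.append(url)
        else:
            dropped.append(url)
    return forwarded, dropped


# Constructed sample: the demo site from the module, plus the kind of
# third-party requests a browser fires while loading a page.
DEMO_SCOPE = TargetScope(
    include=[ScopeRule(host=".altoromutual.com")],
    exclude=[ScopeRule(host=".altoromutual.com", path_prefix="/bank/logout")],
)
SAMPLE_REQUESTS = [
    "http://www.altoromutual.com/",
    "http://www.altoromutual.com/bank/login.jsp",
    "https://www.altoromutual.com:8443/api/",        # other port, still in scope
    "http://www.altoromutual.com/bank/logout.jsp",   # excluded so a crawler keeps its session
    "https://www.google-analytics.com/collect",      # constructed third-party request
    "https://fonts.googleapis.com/css",              # constructed third-party request
]


def demo() -> Tuple[List[str], List[str]]:
    return filter_proxy_traffic(DEMO_SCOPE, SAMPLE_REQUESTS)


if __name__ == "__main__":
    fwd, drop = demo()
    print("forwarded:", *fwd, sep="\n  ")
    print("dropped:", *drop, sep="\n  ")
```

Running the module prints the first three sample requests as forwarded and the last three as dropped. The exclude rule for the logout path is the usual reason scope has both halves: a crawl that follows every link will otherwise log itself out, which is also why the module's crawl was left unauthenticated.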