arachni
arachni copied to clipboard
Arachni
Sitemap does not contain all crawled links
I ran Arachni on WIVET using the following script:
#!bin
./arachni http://192.168.0.18:8090/ --checks trainer --audit-links --audit-forms \
--scope-include-pattern 'http://192.168.0.18:8090/' \
--scope-exclude-pattern 'http://192.168.0.18:8090/offscanpages.*' \
--scope-exclude-pattern 'http://192.168.0.18:8090/logout.php' \
--scope-exclude-pattern 'http://192.168.0.18:8090/pages/100.php' \
--http-cookie-string="PHPSESSID=77d4ad6bbe505bba989152390e4e9e25" \
--report-save-path=wivet-arachni-report.afr
Then I converted the report format to html using the following command:
./arachni_reporter wivet-arachni-report.afr --reporter=html:outfile=wivet-arachni-report.html.zip
According to WIVET, Arachni achieves a score of 94%. However, when I checked the URLs in the Sitemap, several of the detected URLs are missing.
The following test cases were detected according to the Statistics page in Arachni and showed up on the terminal output when the script was run but not listed in the Sitemap:
- 13_10ad3
I attached a text file of the terminal output when the script is run. terminal-output.txt
The following test cases were detected according to the Statistics page in Arachni but did not show up on the terminal or the Sitemap:
- 17_143ef
- 17_2da76
I also attached the arachni report output and an excel file of the detected wivet test cases. wivet-arachni-report.html.zip wivet_testcases_arachni.xlsx
I assume this is an issue with Arachni as apposed to the WIVET application since according to this, the crawling coverage should be 96%.
--
--
