Overview of Authentication
When you plan to use Netsparker to scan a web application in which some pages require login credentials and configurations, you first need to add those details to the authentication fields in your Scan Options. This is important because it enables the scanner to determine whether it is logged in or logged out during a scan.
For further information, see Netsparker Enterprise Scan Options Fields and Netsparker Standard Scan Options Fields.
Supported Authentication Methods in Netsparker
Netsparker Enterprise and Netsparker Standard both support multiple forms of authentication:
- Configuring and Verifying Form Authentication in Netsparker Enterprise
- Configuring Form Authentication in Netsparker Standard
- Verifying the Form Authentication Configuration in Netsparker Standard
- Configuring Basic, Digest, NTLM/Kerberos Authentication
- Configuring Header Authentication
- Configuring Client Certificate Authentication
- Configuring OAuth2 Authentication
Some forms of authentication are supported only in Netsparker Standard:
- Configuring Smart Card Authentication in Netsparker Standard
- HMAC Authentication via Scripting in Netsparker Standard
- Manual Authentication
For further information, see Logout Problems and Interactive Logins in Netsparker Standard.