You can import links or an API definition file to Netsparker from a file or a URL. This feature lets you specify pages that you would like to scan, which are not linked from anywhere on the website.
Netsparker crawls the target website to reach maximum coverage. When you launch a scan, Netsparker acts as a search engine bot. This means the scanner visits every link that it detects and makes requests to all input points in detected resources including the URLs used to reach these resources.
However, there may be parts of the website that are not linked from the website. This can prevent Netsparker from achieving maximum coverage and identifying all vulnerabilities on the target website.
- The Links and API Definitions feature in Netsparker enables you to add links and files to determine web pages that you want scanned.
- You can also ensure that Netsparker includes data already captured by using other tools into the scan.
Difference between From File and From URL
You can import your links and API definitions from a file or from a URL.
- The From File option lets you import your document to Netsparker. This requires you to import the file over and over again whenever you edit it.
- Instead, you can upload this file in your environment that Netsparker can access via a URL.
- In the case of GraphQL, for example, even if you edit the schema repeatedly, you do not need to import the file to Netsparker, as the scanner can access it via the URL.
For further information about importing links from third-party tools, see Importing links from supported tools.
This topic explains how to import links and API definitions from a file or from a URL to Netsparker.
Links/API Definitions Fields
This table lists and describes the fields in the Links/API Definitions tab.
Specify a file to import your links/API definitions.
Specify a URL to import your links/API definitions. This is only available in Netsparker Enterprise.
Specify the links that you want to scan.
Specify the pages that you want to scan. This is only available in Netsparker Standard.
Select a file for importing links from the drop-down.
Importing links/API definitions in Netsparker Enterprise
How to import links/API definitions in Netsparker Enterprise
- Open Netsparker Enterprise.
- From the main menu, select Scans > New Scan.
- On the New Scan page, select Links/API Definitions.
- To specify links, you can do one of the followings:
- From the From File section, select the third-party tool's icon to select and update the supported file.
- From the From URL section, select the third-party tool's icon to enter the URL.
- From the Enter Links section, add your links manually.
- Select Launch to start the scan.
Importing links/API definitions in Netsparker Standard
How to import links/API definitions in Netsparker Standard
- Open Netsparker Standard.
- From the Home tab, select New.
- From the Start a New Website or New Service Scan window, select Links/API Definitions.
- Specify links, you can do one of the followings:
- From the From File section, double-click the tool icon to select and update the supported file.
- From the From URL section, double-click the tool icon to enter the URL.
- From the Imported Links section, enter only the URL information for one or more URLs manually:
- Select Enter Links. The Enter Links/HTTP Requests dialog is displayed.
- Select the Link Format drop-down and select the appropriate option.
- Add in the new link details.
- Select OK.
- By adding the details of a single link or request:
- Select Add.
- On the Add New Link window, add the details for the whole request.
- Enable the Enable Raw Request Body checkbox, to allow you to add a raw request body. If you enable this option, the POST parameters in the request form will be ignored.
- Select Save.
- Select Start Scan.