How it works...
In this recipe, we showed some key aspects to take into account in order to avoid damage to the information and disruption to services when executing automated scanning against our target application.
The main reason for requiring special measures is that web application vulnerability scanners, in their default configurations, tend to crawl the entire site and use the URLs and parameters obtained from this crawling to send further payloads and probes. In applications that don't properly filter the data they receive, these probes can end up stored in the database or executed by the server, and this could cause integrity problems, permanently alter or damage existing information, or disrupt services.
To prevent this damage, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access