Is there a way in the WAS module to do a forced crawl? Using a dictionary, for example?
Oliver, yes and no.
QID 150067 states that links were discovered via requests using an alternate User-Agent or guessed based on common mobile device URI patterns. The scanner attempts to determine if the Web application changes its behavior when accessed by mobile devices. These checks are based on modifying the User-Agent, changing the domain name, and appending common directories. The extra links discovered by the Web application scanner during User-Agent manipulation are provided in the Results section.
So yes, we use an alternate User-Agent or guess based on common mobile device URI patterns and common directory listing names. But no, this is not a customizable check, and there is currently no place where a custom dictionary can be used.
I do see the use case and some additional benefits for this type of check, so a feature request is definitely the best route to pursue.
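As an added illustration of the two techniques described in that answer (appending wordlist entries to a base URL, and re-requesting each path with an alternate mobile User-Agent to see whether the application answers differently), here is a small forced-browsing script. It is example code written for this page, not Qualys WAS code and not the logic behind QID 150067; the host name, wordlist entries and User-Agent strings are constructed, and the `fetch` parameter exists only so the probing logic can be exercised against a stand-in without network access.

```python
"""Dictionary-driven forced browsing with User-Agent variation (added example).

Not Qualys WAS code. Mimics the two ideas discussed in the thread: appending
entries from a wordlist to a base URL (the 'forced crawl' the question asks
for) and re-requesting each path with a mobile User-Agent to spot paths that
only a mobile client can reach. Host, wordlist and UA strings are constructed.
"""
from __future__ import annotations

import urllib.error
import urllib.request
from dataclasses import dataclass, field
from typing import Callable, Dict, Iterable, List, Mapping, Tuple
from urllib.parse import urljoin

# Constructed wordlist; a real run would read one entry per line from a file.
DEFAULT_WORDLIST = ["admin/", "backup/", "m/", "mobile/", "api/v1/", "robots.txt"]

# One desktop and one mobile UA; a real scanner would rotate through many more.
USER_AGENTS: Dict[str, str] = {
    "desktop": "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/115.0",
    "mobile": "Mozilla/5.0 (iPhone; CPU iPhone OS 16_0 like Mac OS X) Mobile/15E148",
}

# Status codes worth reporting: a 401/403 still proves the path exists.
INTERESTING: Tuple[int, ...] = (200, 301, 302, 401, 403)

# Signature of the function that performs one request: (url, user_agent) -> status.
Fetch = Callable[[str, str], int]


def http_status(url: str, user_agent: str, timeout: float = 5.0) -> int:
    """Request the URL with the given User-Agent; return the HTTP status (0 = no answer)."""
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:
        return exc.code  # 403/404/500 are still signals, not failures
    except (urllib.error.URLError, OSError):
        return 0


@dataclass
class CrawlResult:
    # url -> {ua label -> status code}, for every path that answered interestingly
    found: Dict[str, Dict[str, int]] = field(default_factory=dict)
    # paths reachable with the mobile UA but not with the desktop UA
    ua_dependent: List[str] = field(default_factory=list)


def forced_crawl(
    base_url: str,
    wordlist: Iterable[str],
    user_agents: Mapping[str, str] = USER_AGENTS,
    fetch: Fetch = http_status,
) -> CrawlResult:
    """Probe base_url + word for every word, once per User-Agent, and collect hits."""
    result = CrawlResult()
    for word in wordlist:
        url = urljoin(base_url, word)
        statuses = {label: fetch(url, ua) for label, ua in user_agents.items()}
        if any(code in INTERESTING for code in statuses.values()):
            result.found[url] = statuses
        desktop_hit = statuses.get("desktop") in INTERESTING
        mobile_hit = statuses.get("mobile") in INTERESTING
        if mobile_hit and not desktop_hit:
            result.ua_dependent.append(url)
    return result


if __name__ == "__main__":
    # Replace the host with one you are authorised to test.
    report = forced_crawl("https://target.example/", DEFAULT_WORDLIST)
    for hit, codes in report.found.items():
        print(hit, codes)
    for hit in report.ua_dependent:
        print("mobile-only:", hit)
```

Only run this against hosts you are authorised to test; even a short wordlist generates one request per entry per User-Agent. To reproduce the "changing the domain name" part of the check, call `forced_crawl` a second time with a base URL such as the `m.` subdomain and compare the two `found` maps.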
Oliver, I am not sure I am completely understanding what you are asking. Are you using a dictionary (custom or built-in) for brute force purposes or are you looking to force a crawl to a particular section or subset of a web app or am I missing exactly what you are asking?
I aim to use a dictionary file to test every path on the website (we can call it brute forcing, yes).
Oliver, thank you for the clarification. Currently we do not support this method of forced crawling. I do however see some benefit from using this method or even some OWASP Skipfish integration for these purposes. Please get in contact with your account manager and/or send us both an email, so we can submit the proper feature request with all required information. Thanks.
OK, thanks. I'll have a word with my contact at Qualys about this feature request.
Let's also have a look at the DirBuster tool that is now included in the OWASP ZAP project.
I feel quite sure that the WAS scan does some sort of forced crawl, but on a private dictionary, as implemented in some QID cases (like the /mobile URI detection), no?
I did ask support and my contact for a feature request.
Did this request ever get created?