We have 4 different scan profiles:
The security posture scan profile is designed for speed, taking less than a minute to complete, and focuses on identifying vulnerabilities related to SSL/TLS, HTTP headers, and cookies.
The safe scan profile is designed to minimize the potential impact on the target application by testing for all supported vulnerabilities but using a limited set of payloads. Additionally, the scanner only employs GET requests and does not include POST, PUT, or DELETE requests. Nevertheless, our crawler will still make requests using these methods if necessary, for example, to log in to the application.
The normal scan profile tests for all supported vulnerabilities and uses a larger set of payloads than the safe profile without any restrictions on the methods used.
The full scan profile includes all tests from the normal profile and utilizes an even larger set of payloads.