During a scan, there are 3 major components at play, each one with a specific job:
The fingerprinter identifies the technologies used on the target
The crawler goes through the target's URLs and interacts with every element found, clicking on buttons and filling in forms, among other things
The scanner finds vulnerabilities within the target's URLs
A scan has several possible states:
As soon as a scan is requested, it gets Queued; most of the time, it will start immediately
Once a queued scan begins, its state is changed to Started
After the fingerprinter, the crawler, and the scanner have completed their jobs, the scan ends and its state is set to Completed
There are some extra states:
If an ongoing scan is stopped by a user, the scan state is changed to Canceled
If the target is unreachable or there is a connection timeout, the scan ends with Failed, with a message indicating the error; the same state is used if a scan fails during its execution
If some vulnerabilities need to be manually confirmed by Probely's team, the scan is set to Under Review; after this manual review, the scan changes to Completed
Once a scan is successfully finished, its scan reports and coverage reports can be generated.