Some websites and applications can have restricted areas meant for authenticated users only. For your scans to be more thorough in these targets, you can configure authentication, thus allowing Probely to go deeper into the target scope to identify vulnerabilities.
In Probely, you can configure target authentication in the AUTHENTICATION section of the target settings.
You have two options:
Login Form Authentication
If your website or application has a login form for authentication, choose the LOGIN FORM option and provide the login page and the information to input the user credentials for logging in.
For more details on this option, read this article on How to set up Target Authentication with a Login Form.
Login Sequence Authentication
If your website or application has a complex login flow (like a multi-step login), choose LOGIN SEQUENCE to use Probely’s plugin to record the steps of the login sequence to be replayed during scans for logging in.
For more details on this option, read this article on How to set up Target Authentication with a Login Sequence.
Some websites or applications may have 2FA (Two-Factor Authentication) enabled for an extra layer of security. Regardless of the option you have configured here for target authentication, you can also add 2FA to them. To learn more about it, read this article on Scanning Targets with 2FA.