Deployment: Invicti Platform on-demand, Invicti Platform on-premises
Advanced settings overview
The Advanced settings tab in target configuration gives you fine-grained control over how Invicti Platform scans a specific target. This document lists all available advanced settings. Settings with a dedicated documentation page are linked in the table.
Misconfiguring advanced settings can break scans or produce inaccurate results. Only amend these settings if you're familiar with scanner behavior.
The Advanced settings tab only appears on a target when you enable the Allow users to configure advanced scan configuration option in Settings > Scanning. For more information, refer to Scanning settings.
Steps to access advanced settings
- Select Inventory > Targets from the left-side menu.
- Find the target you want to configure and either:
  - Select anywhere on its row to open the target drawer, then select Edit.
  - Select the three-dot menu (⋮) at the far right of the row and choose Edit target.
- Select the Advanced settings tab.
Available settings
| Setting | Description | Documentation |
|---|---|---|
| HTTP settings | ||
| Enable Cache | Enables persistent HTTP storage used by DeepScan to reduce memory footprint. | — |
| Prefer IPv6 for DNS Lookups | Prefers IPv6 over IPv4 addresses when performing DNS lookups. | — |
| Prefer HTTP/2 | Prefers HTTP/2 connections when available. | — |
| Request Timeout | Maximum time in seconds for a request to complete. Default: 30. | — |
| HTTP Logging | Enables HTTP request and response logging in the scanner logs. Configure what to log for requests and responses, or restrict logging to errors only. HTTP logging is only active when debug mode is enabled for the target. Use this for troubleshooting scan issues. | — |
| SSL settings | ||
| SSL Ciphers (TLS v1.2 and below) | Overrides the default cipher list for TLS v1.2 and below using a colon-separated list of cipher names. Only change this if the target requires specific ciphers not in the defaults, or to restrict weak ciphers. Incorrect values can prevent the scanner from connecting to the target. | — |
| SSL Cipher Suites (TLS v1.3) | Overrides the default cipher suites for TLS v1.3 using a colon-separated list. If left empty, TLS v1.3 is disabled entirely. Only change this if the target requires specific TLS v1.3 cipher suites. | — |
| Login settings | ||
| Login Sequence Timeout | Maximum time in minutes to wait for a login sequence to complete. Default: 5. | — |
| Crawling settings | ||
| Link Depth | Maximum link depth to crawl. Set to 0 for unlimited. Default: 10. | — |
| Directory Depth | Maximum directory depth to crawl. Set to 0 for unlimited. Default: 15. | — |
| Directory Limit | Maximum number of directories on any level. Set to 0 for unlimited. Default: 50. | — |
| File Limit | Maximum number of files on any level. Set to 0 for unlimited. Default: 150. | — |
| Maximum Number of Pages to Crawl | Maximum number of pages to crawl. Set to 0 for unlimited. Default: 25,000. | — |
| Accept Cookies From All Domains | The engine does not validate the cookies' domain. | — |
| Heuristic Route Detection | Controls when Invicti Platform treats similar URL paths as a single parameterized route rather than distinct pages. Max Threshold sets the upper limit for route creation at the first path segment (default: 100). Min Threshold sets the lower limit (default: 30). Same Type Threshold applies when path segments share the same data type, such as year, hex, UUID, or number (default: 10). Lowering these values creates more granular routes; raising them reduces scan scope. | — |
| DeepScan settings | ||
| Enable Heuristics | Enables DeepScan heuristics. | — |
| Fetch External URLs | Fetches URLs requested by the browser even if they are outside the scan scope. | — |
| Allow Out Of Scope Submits | Enables submit requests to out-of-scope forms. | — |
| Block Ads | Blocks domains known to serve ads during DeepScan. | — |
| Session Timeout | Maximum time in seconds to wait for a browser session to complete. Default: 240. | — |
| Max Sessions | Maximum number of browser sessions to use during the scan. Default: 5. | — |
| Dynamic Session Timeout | When enabled, the engine waits for 30 seconds of idle time. A session cannot exceed 2× the Session Timeout value. | — |
| Detect LLM | Detects and blocks requests to known large language model endpoints to prevent data leakage during DeepScan. | — |
| Skip Custom Events | Does not simulate non-standard custom events. | — |
| Always Trigger Standard Events | Force-triggers standard events registered with an element. | — |
| Pre-emptive setTimeout | Automatically triggers setTimeout callbacks. | — |
| Exclude elements from scanning | Prevents the scanner from interacting with specific page elements using CSS selectors or XPath expressions. | Exclude elements from scanning |
| IAST settings | ||
| Send Filelist Query | Enables or disables sending of the filelist IAST query. | — |
| Send Alerts Query | Enables or disables sending of the alerts IAST query. | — |
| Send Packages Query | Enables or disables sending of the packages IAST query. | — |
| Send Routes Query | Enables or disables sending of the routes IAST query. | — |
| Send System Info Query | Enables or disables sending of the system info IAST query. | — |
| Scanning settings | ||
| Proof of Exploit | When enabled, proof of exploit is generated for applicable vulnerabilities. | — |
| Test Client-Side Routes | Enables or disables bypassing of scan scripts on client-side routes, except for those with the cs_route tag. | — |
| Enable LLM Scanning | Enables scanning for vulnerabilities related to large language models. | — |
| Use Cookies Detected During Scanning | When scanning, the engine does not set or change cookies. | — |
| Path Heuristics | When enabled, applies predefined regex patterns to specific URL paths to control how the scanner handles them — for example, skipping inputs on known static asset paths or treating framework-generated paths as equivalent. This reduces unnecessary scanning of paths that are unlikely to contain vulnerabilities. | — |
| Stateful API Scanning | When enabled, the scanner tracks state across API requests, allowing it to test endpoints that require prior requests to establish session context. Use this for APIs where operations depend on earlier calls in a sequence. | — |
| Parameter Exclusions | Define rules to skip testing on specific parameters using regex patterns, parameter types, and optional URL scoping. Useful for protecting session tokens and framework-generated fields from being modified during a scan. | |
| Enable scan auto-tuner | Automatically fine-tunes scan behavior when Invicti Platform detects a recognized test application through page fingerprinting. Intended for test environments only. | Enable scan auto-tuner |
| Miscellaneous engine settings | ||
| Landing Page Screenshot | When enabled, the engine takes a screenshot of the landing page. | — |
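
A pre-flight check for the SSL Ciphers (TLS v1.2 and below) value described in the table, added here as an example; it is not part of Invicti's documentation or tooling. It assumes the field takes OpenSSL-style cipher names; `check_cipher_list`, `WEAK` and `SAMPLE` are names constructed for illustration, and the result reflects the local OpenSSL build rather than the scanner's.

```python
import re
import ssl

# Substrings that mark cipher names generally treated as weak: RC4, DES/3DES,
# NULL encryption, export grade, MD5 MACs, anonymous key exchange.
WEAK = re.compile(r"RC4|DES|NULL|EXP|MD5|ADH|AECDH", re.IGNORECASE)

# Constructed sample: two valid names, one typo (SHA265), one 3DES suite,
# and a trailing colon.
SAMPLE = ("ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:"
          "ECDHE-RSA-AES128-GCM-SHA265:DES-CBC3-SHA:")


def locally_supported(name: str) -> bool:
    """True if the local OpenSSL build can enable this single cipher name."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(name)
    except ssl.SSLError:  # raised when no cipher matches the string
        return False
    return True


def check_cipher_list(value: str) -> dict:
    """Split a colon-separated cipher list and classify every entry.

    Each name is tested on its own so a typo is not masked by valid
    neighbours in the same list.
    """
    report = {"ok": [], "weak": [], "unknown": [], "empty_entries": 0}
    for name in (n.strip() for n in value.split(":")):
        if not name:
            report["empty_entries"] += 1  # stray '::' or trailing ':'
        elif WEAK.search(name):
            report["weak"].append(name)
        elif locally_supported(name):
            report["ok"].append(name)
        else:
            report["unknown"].append(name)
    return report


if __name__ == "__main__":
    for key, val in check_cipher_list(SAMPLE).items():
        print(f"{key}: {val}")
```

TLS v1.3 suite names such as `TLS_AES_128_GCM_SHA256` land in `unknown` here, which is the intended signal that they belong in the separate TLS v1.3 field.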