Availability

Deployment: Invicti Platform on-demand, Invicti Platform on-premises

Default scan profiles

Scan profiles are collections of predefined security checks used to test your web application for vulnerabilities. When launching a scan, you choose a scan profile to run against a target. Invicti provides a set of default scan profiles designed to meet common application security needs. You can use these defaults or create custom scan profiles tailored to your specific requirements. You can run multiple scans on the same target using different scan profiles.

This document describes the built-in scan profiles available in Invicti Platform.

Built-in scan profiles

Default scan profiles are predefined groupings of tests designed to identify specific classes of vulnerabilities, such as SQL injection or Cross-site scripting (XSS). These profiles help streamline scanning by narrowing or expanding the scope of checks depending on your goals. You can use these profiles to focus on specific risks or perform comprehensive assessments.

Scan profile actions

Built-in scan profiles support the following actions:

  • View - Click the eye icon to view the profile's security checks. Each check displays the highest severity it can report. Use the Severity filter to narrow the list to checks at a specific severity level.
  • Clone - Click the clone icon to create a custom scan profile based on the built-in profile. This opens the custom profile creation dialog with all checks from the built-in profile pre-selected, allowing you to modify them as needed.

For more information on creating custom profiles, refer to the Custom scan profiles document.

Full scan

Performs a comprehensive scan using all available checks in Invicti. This profile offers the widest vulnerability coverage.

Critical / High risk

Scans only for the most severe vulnerabilities, including SQL Injection, Cross-site scripting (XSS), and File Inclusion. Invicti dynamically updates this profile with each release to include the latest high-impact checks.

Critical / High / Medium risk

Extends the Critical / High risk profile by also checking for medium-risk issues, such as server misconfigurations and common coding flaws. Invicti also dynamically updates this profile.

Cross-site scripting (XSS)

Focuses exclusively on detecting XSS vulnerabilities. Invicti updates this profile regularly to include the latest relevant tests.

SQL injection

Focuses only on detecting SQL Injection vulnerabilities. Invicti dynamically updates this profile to reflect the latest threat signatures.

Weak passwords

Identifies login forms and attempts to exploit them using known weak credentials to detect authentication vulnerabilities.

Crawl only

Performs a crawl of the target site to map its structure without running any vulnerability checks.

OWASP top 10 API security risks 2023

Scans for the top 10 most critical API risks to web applications, as defined by the OWASP Top 10 API project.

OWASP top 10 security risks 2025

Scans for the top 10 most critical security risks to web applications, as defined by the OWASP Top 10 project.

PCI DSS 4.0 checks

Identifies vulnerabilities that would cause non-compliance with the Payment Card Industry Data Security Standard (PCI DSS).

CWE/SANS top 25

Scans for the 25 most dangerous software errors, based on the Common Weakness Enumeration (CWE) list curated by the SANS Institute.

LLM security

Specialized profile for testing Large Language Model (LLM)-powered applications, including AI chatbots, virtual assistants, and other AI-enabled systems. Tests for prompt injection, system prompt leakage, LLM command injection, and other AI-specific vulnerabilities. For detailed information, see LLM-based app vulnerability testing.
