Skip to main content

Standalone LSR overview

The Invicti standalone Login Sequence Recorder (LSR) lets you record login sequences and business logic flows (BLR) outside the Invicti Platform UI. You can then upload the resulting .lsr or .blr file to a target.

The in-product LSR and BLR cover most use cases for every target type, including targets that use an internal scanning agent. The standalone LSR is an alternative path when you prefer to record on a different machine, work without an active browser session to the platform, or prepare sequences in advance.

When to use the standalone LSR

Choose the standalone LSR when:

  • You want to record a sequence on a machine that has direct network access to the target, separate from the user running Invicti Platform.
  • You prefer to prepare and version .lsr or .blr files outside the platform, for example as part of a scripted onboarding process.
  • You're converting an existing Selenium script into an .lsr file.

For most other cases, record directly in the platform UI:

What is a login sequence recorder

A Login Sequence Recorder (LSR) captures and replays login actions so the scanner can access restricted areas of a web application.

During crawling and scanning, an LSR allows the scanner to:

  • Access form-based, password-protected areas
  • Replay login steps to authenticate
  • Restrict session-invalidating actions (for example, logout links)
note

LSR restrictions should only be used to prevent session invalidation. To exclude specific paths from scanning, use the target's path restriction settings. For more information, refer to the crawling options section of configuring targets.

What is a business logic recorder

A Business Logic Recorder (BLR) captures custom input sequences beyond basic log in to help the scanner interact with complex application flows.

A BLR allows you to:

  • Define multiple input paths for multi-step forms or application workflows
  • Create sequences that meet specific conditions to access otherwise unreachable areas of the app

Install and use the standalone LSR

To use the standalone LSR, install it first:

Already installed? Start by recording a login sequence, then upload the .lsr or .blr file to your target.

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Last updated on
Was this page useful?