Target definition
A target in Invicti Platform refers to any web asset you want to scan for security vulnerabilities—this includes websites, APIs, web applications, servers, and network devices. To perform a security scan, you must first add the asset as a target. Typically, one target license is required per domain or web application.
Licensing rules for targets
When determining how targets are counted for licensing, the following rules apply:
For more information about managing your license usage and viewing FQDN consumption, refer to License management.
localhostand127.0.0.1consume 1 licensed targetexample.comandwww.example.comtogether consume 1 licensed target- The protocol (
httpvs.https) does not affect target count and consumes 1 licensed target - Subdomains are considered separate targets: for example,
www.example.comandapi.example.comconsume 2 licensed targets - Different paths within the same domain consume 1 licensed target: for example,
example.comandexample.com/blog/ - Different ports for the same domain consume 1 licensed target: for example,
example.com:8080andexample.com:8888 - Invicti test sites with Demo status (visible in Settings > License > Licensed FQDNs used drawer) don't consume any target licenses; for example,
vulnweb.com
Target variations and licensing
Target variations refer to different configurations of the same FQDN. You can create multiple variations such as:
http://example.comhttps://example.comhttp://www.example.comhttps://www.example.comhttp://example.com/bloghttp://example.com:888http://example.com:777
All these variations are going to use only one licensed FQDN.
Important licensing behavior:
- Invicti doesn't immediately count targets against your license when you add them
- You can remove a target without penalty if you make a mistake in the address
- Invicti counts a target as licensed only after you scan it
Target creation limits
Invicti provides a higher limit for target creation at 5x the licensed targets:
- Customers with a 10 licensed target subscription can create up to 10 different FQDNs
- You can create a total of 50 targets in the platform
- 40 of these 50 targets will be variations of the unique FQDNs
Subdomain licensing rules
Invicti counts each subdomain as a separate FQDN, with the exception of www:
http://www.example.comandhttp://api.example.comuse 2 licensed targetsinvicti.com:80andinvicti.com:443count as 1 licensed targetinvicti.com/homeandinvicti.com/sitecount as 1 licensed target
Regardless of how target variations are configured, the total number of targets you can create is limited to five times the number of targets included in your license.
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center