| 1 | + | <Profile> |
| 2 | + | <Id>804F55B4-67E8-4C96-AB94-AB76A194DFD9</Id> |
| 3 | + | <Name>DVWA profile</Name> |
| 4 | + | <Description>Run a full scan again a Damn Vulnerable Web Application instance with username: admin and password: password.</Description> |
| 5 | + | <RunCrawler>true</RunCrawler> |
| 6 | + | <RunVulnerabilityScanner>true</RunVulnerabilityScanner> |
| 7 | + | <RunWebAppFingerprinter>false</RunWebAppFingerprinter> |
| 8 | + | <RunResourceDiscoverer>false</RunResourceDiscoverer> |
| 9 | + | <HttpRequestorSettings> |
| 10 | + | <Timeout>3000</Timeout> |
| 11 | + | <RequestThrottling>0</RequestThrottling> |
| 12 | + | <AllowAutoRedirect>true</AllowAutoRedirect> |
| 13 | + | <UseJavascriptEngineForRequest>false</UseJavascriptEngineForRequest> |
| 14 | + | <Proxy></Proxy> |
| 15 | + | <StaticExtensions>.flv,.docx,.gif,.jpeg,.jpg,.jpe,.png,.vis,.tif,.tiff,.psd,.bmp,.ief,.wbmp,.ras,.pnm,.pbm,.pgm,.ppm,.rgb,.xbm,.xpm,.xwd,.djv,.djvu,.iw4,.iw44,.fif,.ifs,.dwg,.svf,.wi,.uff,.mpg,.mov,.mpeg,.mpeg2,.avi,.asf,.asx,.wmv,.qt,.movie,.ice,.viv,.vivo,.fvi,.tar,.tgz,.gz,.zip,.jar,.cab,.hqx,.arj,.rar,.rpm,.ace,.wav,.vox,.ra,.rm,.ram,.wma,.au,.snd,.mid,.midi,.kar,.mpga,.mp2,.mp3,.mp4,.aif,.aiff,.aifc,.es,.esl,.pac,.pae,.a3c,.pdf,.doc,.xls,.ppt,.mp,.msi,.rmf,.smi,.bin,.m4p,.m4a,.PS,.EPS,.svg,.ttf,.ico,.woff,.woff2,.css,.js</StaticExtensions> |
| 16 | + | <AdditionalHttpHeaders> |
| 17 | + | <HttpHeader> |
| 18 | + | <Name>Accept</Name> |
| 19 | + | <Value>text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3</Value> |
| 20 | + | </HttpHeader> |
| 21 | + | <HttpHeader> |
| 22 | + | <Name>Accept-Encoding</Name> |
| 23 | + | <Value>deflate</Value> |
| 24 | + | </HttpHeader> |
| 25 | + | <HttpHeader> |
| 26 | + | <Name>Accept-Language</Name> |
| 27 | + | <Value>en-US,en;q=0.9,la;</Value> |
| 28 | + | </HttpHeader> |
| 29 | + | <HttpHeader> |
| 30 | + | <Name>User-Agent</Name> |
| 31 | + | <Value>Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36</Value> |
| 32 | + | </HttpHeader> |
| 33 | + | </AdditionalHttpHeaders> |
| 34 | + | <AdditionalCookies> |
| 35 | + | <Cookie> |
| 36 | + | <Name>security</Name> |
| 37 | + | <Value>low</Value> |
| 38 | + | </Cookie> |
| 39 | + | </AdditionalCookies> |
| 40 | + | <Journey /> |
| 41 | + | <AuthenticationInfo> |
| 42 | + | <Type>None</Type> |
| 43 | + | <Username></Username> |
| 44 | + | <Password></Password> |
| 45 | + | <Token></Token> |
| 46 | + | <Enabled>false</Enabled> |
| 47 | + | <LoginPattern /> |
| 48 | + | <LogoutPattern /> |
| 49 | + | <DynamicAuthParameterPatterns> |
| 50 | + | <Pattern>Token</Pattern> |
| 51 | + | </DynamicAuthParameterPatterns> |
| 52 | + | </AuthenticationInfo> |
| 53 | + | </HttpRequestorSettings> |
| 54 | + | <CrawlerSettings> |
| 55 | + | <Scope>EnteredPathAndBelow</Scope> |
| 56 | + | <MaxNumberOfPagesToCrawl>500</MaxNumberOfPagesToCrawl> |
| 57 | + | <MaxNumOfRequestsToTheSamePage>5</MaxNumOfRequestsToTheSamePage> |
| 58 | + | <CrawlPageWithoutExtension>true</CrawlPageWithoutExtension> |
| 59 | + | <CrawlOnlyPageWithTheSpecifiedExtensions>false</CrawlOnlyPageWithTheSpecifiedExtensions> |
| 60 | + | <ActivateAllAddOns>false</ActivateAllAddOns> |
| 61 | + | <HasLinkNavigationLimit>true</HasLinkNavigationLimit> |
| 62 | + | <MutateWebLinks>false</MutateWebLinks> |
| 63 | + | <SubmitPost>true</SubmitPost> |
| 64 | + | <ReCrawlPages>true</ReCrawlPages> |
| 65 | + | <AllowedHosts /> |
| 66 | + | <BlacklistedPattern> |
| 67 | + | <Pattern>/logout.[a-z]+</Pattern> |
| 68 | + | <Pattern>/setup.php</Pattern> |
| 69 | + | <Pattern>/manual/</Pattern> |
| 70 | + | <Pattern>doc/</Pattern> |
| 71 | + | </BlacklistedPattern> |
| 72 | + | <DefaultParameters> |
| 73 | + | <Parameter> |
| 74 | + | <Name>username</Name> |
| 75 | + | <Value>admin</Value> |
| 76 | + | <Path>/DVWA/login.php</Path> |
| 77 | + | </Parameter> |
| 78 | + | <Parameter> |
| 79 | + | <Name>password</Name> |
| 80 | + | <Value>password</Value> |
| 81 | + | <Path>/DVWA/login.php</Path> |
| 82 | + | </Parameter> |
| 83 | + | </DefaultParameters> |
| 84 | + | <AddOnIdsToActivate> |
| 85 | + | <AddOnId>e3edf40e-bb96-4e99-b53b-8fc3d5daa136</AddOnId> |
| 86 | + | <AddOnId>d2743ed4-c0b5-4166-9dc2-828ca7c7d7b3</AddOnId> |
| 87 | + | <AddOnId>ff687a9e-3c00-4f04-9e08-0ac9270a9fb9</AddOnId> |
| 88 | + | <AddOnId>3a5fd36f-48b6-4cde-a6bf-7871d62c8d56</AddOnId> |
| 89 | + | </AddOnIdsToActivate> |
| 90 | + | <ContentTypeToFilter> |
| 91 | + | <ContentType>image/bmp</ContentType> |
| 92 | + | <ContentType>image/fif</ContentType> |
| 93 | + | <ContentType>image/gif</ContentType> |
| 94 | + | <ContentType>image/ief</ContentType> |
| 95 | + | <ContentType>image/jpeg</ContentType> |
| 96 | + | <ContentType>image/png</ContentType> |
| 97 | + | <ContentType>image/tiff</ContentType> |
| 98 | + | <ContentType>image/vasa</ContentType> |
| 99 | + | <ContentType>image/vnd.rn-realpix</ContentType> |
| 100 | + | <ContentType>image/x-cmu-raster</ContentType> |
| 101 | + | <ContentType>image/x-freehand</ContentType> |
| 102 | + | <ContentType>image/x-jps</ContentType> |
| 103 | + | <ContentType>image/x-portable-anymap</ContentType> |
| 104 | + | <ContentType>image/x-portable-bitmap</ContentType> |
| 105 | + | <ContentType>image/x-portable-graymap</ContentType> |
| 106 | + | <ContentType>image/x-portable-pixmap</ContentType> |
| 107 | + | <ContentType>image/x-rgb</ContentType> |
| 108 | + | <ContentType>image/x-xbitmap</ContentType> |
| 109 | + | <ContentType>image/x-xpixmap</ContentType> |
| 110 | + | <ContentType>image/x-xres</ContentType> |
| 111 | + | <ContentType>image/x-xwindowdump</ContentType> |
| 112 | + | <ContentType>video/animaflex</ContentType> |
| 113 | + | <ContentType>video/x-ms-asf</ContentType> |
| 114 | + | <ContentType>video/x-ms-asf-plugin</ContentType> |
| 115 | + | <ContentType>video/avi</ContentType> |
| 116 | + | <ContentType>video/msvideo</ContentType> |
| 117 | + | <ContentType>video/x-msvideo</ContentType> |
| 118 | + | <ContentType>video/avs-video</ContentType> |
| 119 | + | <ContentType>video/dl</ContentType> |
| 120 | + | <ContentType>video/x-dl</ContentType> |
| 121 | + | <ContentType>video/x-dv</ContentType> |
| 122 | + | <ContentType>video/fli</ContentType> |
| 123 | + | <ContentType>video/x-fli</ContentType> |
| 124 | + | <ContentType>video/x-atomic3d-feature</ContentType> |
| 125 | + | <ContentType>video/gl</ContentType> |
| 126 | + | <ContentType>video/x-gl</ContentType> |
| 127 | + | <ContentType>audio/x-gsm</ContentType> |
| 128 | + | <ContentType>video/x-isvideo</ContentType> |
| 129 | + | <ContentType>audio/nspaudio</ContentType> |
| 130 | + | <ContentType>audio/x-nspaudio</ContentType> |
| 131 | + | <ContentType>audio/mpeg</ContentType> |
| 132 | + | <ContentType>audio/x-mpequrl</ContentType> |
| 133 | + | <ContentType>x-music/x-midi</ContentType> |
| 134 | + | <ContentType>audio/midi</ContentType> |
| 135 | + | <ContentType>audio/x-mid</ContentType> |
| 136 | + | <ContentType>audio/x-midi</ContentType> |
| 137 | + | <ContentType>music/crescendo</ContentType> |
| 138 | + | <ContentType>audio/x-vnd.audioexplosion.mjuicemediafile</ContentType> |
| 139 | + | <ContentType>video/x-motion-jpeg</ContentType> |
| 140 | + | <ContentType>audio/mod</ContentType> |
| 141 | + | <ContentType>audio/x-mod</ContentType> |
| 142 | + | <ContentType>audio/x-mpeg</ContentType> |
| 143 | + | <ContentType>video/mpeg</ContentType> |
| 144 | + | <ContentType>video/x-mpeq2a</ContentType> |
| 145 | + | <ContentType>audio/mpeg3</ContentType> |
| 146 | + | <ContentType>audio/x-mpeg-3</ContentType> |
| 147 | + | <ContentType>video/x-mpeg</ContentType> |
| 148 | + | <ContentType>video/x-sgi-movie</ContentType> |
| 149 | + | <ContentType>audio/make</ContentType> |
| 150 | + | <ContentType>audio/vnd.qcelp</ContentType> |
| 151 | + | <ContentType>video/quicktime</ContentType> |
| 152 | + | <ContentType>video/x-qtc</ContentType> |
| 153 | + | <ContentType>audio/x-pn-realaudio</ContentType> |
| 154 | + | <ContentType>audio/x-pn-realaudio-plugin</ContentType> |
| 155 | + | <ContentType>audio/x-realaudio</ContentType> |
| 156 | + | <ContentType>audio/mid</ContentType> |
| 157 | + | <ContentType>video/vnd.rn-realvideo</ContentType> |
| 158 | + | <ContentType>audio/s3m</ContentType> |
| 159 | + | <ContentType>video/x-scm</ContentType> |
| 160 | + | <ContentType>audio/x-psid</ContentType> |
| 161 | + | <ContentType>audio/basic</ContentType> |
| 162 | + | <ContentType>audio/x-adpcm.tsi</ContentType> |
| 163 | + | <ContentType>audio/tsp-audio</ContentType> |
| 164 | + | <ContentType>audio/tsplayereb</ContentType> |
| 165 | + | <ContentType>video/vivo</ContentType> |
| 166 | + | <ContentType>video/vnd.vivo</ContentType> |
| 167 | + | <ContentType>video/vnd.vivodeo/vdo</ContentType> |
| 168 | + | <ContentType>audio/voc</ContentType> |
| 169 | + | <ContentType>audio/x-voc</ContentType> |
| 170 | + | <ContentType>video/vosaic</ContentType> |
| 171 | + | <ContentType>audio/voxware</ContentType> |
| 172 | + | <ContentType>audio/x-twinvq-plugin</ContentType> |
| 173 | + | <ContentType>audio/x-twinvq</ContentType> |
| 174 | + | <ContentType>audio/wav</ContentType> |
| 175 | + | <ContentType>audio/x-wav</ContentType> |
| 176 | + | <ContentType>video/x-amt-demorun</ContentType> |
| 177 | + | <ContentType>audio/xm</ContentType> |
| 178 | + | <ContentType>video/x-amt-showrun</ContentType> |
| 179 | + | </ContentTypeToFilter> |
| 180 | + | <WebPagesExtensions> |
| 181 | + | <Extension>.flv</Extension> |
| 182 | + | <Extension>.docx</Extension> |
| 183 | + | <Extension>.gif</Extension> |
| 184 | + | <Extension>.jpeg</Extension> |
| 185 | + | <Extension>.jpg</Extension> |
| 186 | + | <Extension>.jpe</Extension> |
| 187 | + | <Extension>.png</Extension> |
| 188 | + | <Extension>.vis</Extension> |
| 189 | + | <Extension>.tif</Extension> |
| 190 | + | <Extension>.tiff</Extension> |
| 191 | + | <Extension>.psd</Extension> |
| 192 | + | <Extension>.bmp</Extension> |
| 193 | + | <Extension>.ief</Extension> |
| 194 | + | <Extension>.wbmp</Extension> |
| 195 | + | <Extension>.ras</Extension> |
| 196 | + | <Extension>.pnm</Extension> |
| 197 | + | <Extension>.pbm</Extension> |
| 198 | + | <Extension>.pgm</Extension> |
| 199 | + | <Extension>.ppm</Extension> |
| 200 | + | <Extension>.rgb</Extension> |
| 201 | + | <Extension>.xbm</Extension> |
| 202 | + | <Extension>.xpm</Extension> |
| 203 | + | <Extension>.xwd</Extension> |
| 204 | + | <Extension>.djv</Extension> |
| 205 | + | <Extension>.djvu</Extension> |
| 206 | + | <Extension>.iw4</Extension> |
| 207 | + | <Extension>.iw44</Extension> |
| 208 | + | <Extension>.fif</Extension> |
| 209 | + | <Extension>.ifs</Extension> |
| 210 | + | <Extension>.dwg</Extension> |
| 211 | + | <Extension>.svf</Extension> |
| 212 | + | <Extension>.wi</Extension> |
| 213 | + | <Extension>.uff</Extension> |
| 214 | + | <Extension>.mpg</Extension> |
| 215 | + | <Extension>.mov</Extension> |
| 216 | + | <Extension>.mpeg</Extension> |
| 217 | + | <Extension>.mpeg2</Extension> |
| 218 | + | <Extension>.avi</Extension> |
| 219 | + | <Extension>.asf</Extension> |
| 220 | + | <Extension>.asx</Extension> |
| 221 | + | <Extension>.wmv</Extension> |
| 222 | + | <Extension>.qt</Extension> |
| 223 | + | <Extension>.movie</Extension> |
| 224 | + | <Extension>.ice</Extension> |
| 225 | + | <Extension>.viv</Extension> |
| 226 | + | <Extension>.vivo</Extension> |
| 227 | + | <Extension>.fvi</Extension> |
| 228 | + | <Extension>.tar</Extension> |
| 229 | + | <Extension>.tgz</Extension> |
| 230 | + | <Extension>.gz</Extension> |
| 231 | + | <Extension>.zip</Extension> |
| 232 | + | <Extension>.jar</Extension> |
| 233 | + | <Extension>.cab</Extension> |
| 234 | + | <Extension>.hqx</Extension> |
| 235 | + | <Extension>.arj</Extension> |
| 236 | + | <Extension>.rar</Extension> |
| 237 | + | <Extension>.rpm</Extension> |
| 238 | + | <Extension>.ace</Extension> |
| 239 | + | <Extension>.wav</Extension> |
| 240 | + | <Extension>.vox</Extension> |
| 241 | + | <Extension>.ra</Extension> |
| 242 | + | <Extension>.rm</Extension> |
| 243 | + | <Extension>.ram</Extension> |
| 244 | + | <Extension>.wma</Extension> |
| 245 | + | <Extension>.au</Extension> |
| 246 | + | <Extension>.snd</Extension> |
| 247 | + | <Extension>.mid</Extension> |
| 248 | + | <Extension>.midi</Extension> |
| 249 | + | <Extension>.kar</Extension> |
| 250 | + | <Extension>.mpga</Extension> |
| 251 | + | <Extension>.mp2</Extension> |
| 252 | + | <Extension>.mp3</Extension> |
| 253 | + | <Extension>.mp4</Extension> |
| 254 | + | <Extension>.aif</Extension> |
| 255 | + | <Extension>.aiff</Extension> |
| 256 | + | <Extension>.aifc</Extension> |
| 257 | + | <Extension>.es</Extension> |
| 258 | + | <Extension>.esl</Extension> |
| 259 | + | <Extension>.pac</Extension> |
| 260 | + | <Extension>.pae</Extension> |
| 261 | + | <Extension>.a3c</Extension> |
| 262 | + | <Extension>.pdf</Extension> |
| 263 | + | <Extension>.doc</Extension> |
| 264 | + | <Extension>.xls</Extension> |
| 265 | + | <Extension>.ppt</Extension> |
| 266 | + | <Extension>.mp</Extension> |
| 267 | + | <Extension>.msi</Extension> |
| 268 | + | <Extension>.rmf</Extension> |
| 269 | + | <Extension>.smi</Extension> |
| 270 | + | <Extension>.bin</Extension> |
| 271 | + | <Extension>.m4p</Extension> |
| 272 | + | <Extension>.m4a</Extension> |
| 273 | + | <Extension>.PS</Extension> |
| 274 | + | <Extension>.EPS</Extension> |
| 275 | + | <Extension>.svg</Extension> |
| 276 | + | <Extension>.ttf</Extension> |
| 277 | + | <Extension>.ico</Extension> |
| 278 | + | <Extension>.woff</Extension> |
| 279 | + | <Extension>.woff2</Extension> |
| 280 | + | </WebPagesExtensions> |
| 281 | + | </CrawlerSettings> |
| 282 | + | <VulnerabilityScannerSettings> |
| 283 | + | <ActivateAllAddOns>true</ActivateAllAddOns> |
| 284 | + | <AddOnIdsToActivate /> |
| 285 | + | <BlacklistedPattern /> |
| 286 | + | </VulnerabilityScannerSettings> |
| 287 | + | <WebAppFingerprinterSettings> |
| 288 | + | <StopAtTheFirstApplicationIdentified>false</StopAtTheFirstApplicationIdentified> |
| 289 | + | <RaiseAnEventForEachVersionIdentified>false</RaiseAnEventForEachVersionIdentified> |
| 290 | + | <BeRecursive>false</BeRecursive> |
| 291 | + | <UseOnlyScripts>false</UseOnlyScripts> |
| 292 | + | </WebAppFingerprinterSettings> |
| 293 | + | <ResourceDiscovererSettings> |
| 294 | + | <BeRecursive>false</BeRecursive> |
| 295 | + | <RecursiveDepth>3</RecursiveDepth> |
| 296 | + | <UseBlankExtension>true</UseBlankExtension> |
| 297 | + | <Method>GET</Method> |
| 298 | + | <BlackListedStatusCodes> |
| 299 | + | <Code>403</Code> |
| 300 | + | <Code>404</Code> |
| 301 | + | <Code>406</Code> |
| 302 | + | <Code>429</Code> |
| 303 | + | <Code>500</Code> |
| 304 | + | <Code>503</Code> |
| 305 | + | <Code>504</Code> |
| 306 | + | <Code>508</Code> |
| 307 | + | <Code>509</Code> |
| 308 | + | </BlackListedStatusCodes> |
| 309 | + | <BlackListedWords> |
| 310 | + | <Word>This error was generated by Mod_Security</Word> |
| 311 | + | <Word>Rate Limit Exceeded</Word> |
| 312 | + | </BlackListedWords> |
| 313 | + | <Dictionaries> |
| 314 | + | <Id>A8EF3FFE-7CCF-4D1F-AA0A-2248DE6A00DF</Id> |
| 315 | + | <Id>8C2248F7-5D56-493F-B0BC-366904327B91</Id> |
| 316 | + | <Id>E4894EC1-FD53-4A24-B539-CF58C9489F89</Id> |
| 317 | + | <Id>E0662088-7A77-4D0A-BAAC-2AE4BB28D5F1</Id> |
| 318 | + | </Dictionaries> |
| 319 | + | <ForbiddenDirectories> |
| 320 | + | <Name>manual/</Name> |
| 321 | + | <Name>icons/</Name> |
| 322 | + | <Name>icon/</Name> |
| 323 | + | <Name>doc/</Name> |
| 324 | + | </ForbiddenDirectories> |
| 325 | + | <Extensions> |
| 326 | + | <Name>.tmp</Name> |
| 327 | + | <Name>.zip</Name> |
| 328 | + | <Name>.bak</Name> |
| 329 | + | </Extensions> |
| 330 | + | </ResourceDiscovererSettings> |
| 331 | + | </Profile> |
| 332 | + | |
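Review bot: The login this profile's description promises rests only on the two `DefaultParameters` entries bound to the fixed path `/DVWA/login.php`, while `AuthenticationInfo` is `None` and disabled with empty `LoginPattern` and `LogoutPattern`, so the scanner presumably cannot detect or recover from a lost session. With `SubmitPost` set to true, the crawler's `BlacklistedPattern` excludes logout and `setup.php` but not DVWA's password-change form under `vulnerabilities/csrf/`. Submitting that form can change the admin password mid-run and leave the rest of the scan unauthenticated; consider adding `<Pattern>/vulnerabilities/csrf/</Pattern>`, and mirroring the list in the empty `BlacklistedPattern` of `VulnerabilityScannerSettings` if that stage applies its own filter. An XML comment beside `DefaultParameters` saying the profile assumes the application is served under `/DVWA/` would help, since with another base path the credentials would likely never be applied. The description also reads `again` where `against` is meant.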