WebApp Testing¶
WebApp Testing provides comprehensive security testing for web applications through browser-based dynamic analysis. The scanner is designed to test modern web architectures including Single Page Applications (SPAs), Progressive Web Apps (PWAs), and traditional multi-page applications.
Core Capabilities¶
State-Aware Crawling: Application states are fingerprinted using DOM structures and visible content rather than URL patterns alone. This approach enables effective testing of dynamic, client-side rendered content.
Intelligent Exploration: Reinforcement learning algorithms are employed to identify high-value exploration paths and minimize redundant crawling, optimizing scan efficiency.
Modern Framework Support: Full compatibility with contemporary JavaScript frameworks and dynamic content rendering is provided, including React, Angular, Vue, and similar architectures.
Documentation Structure¶
Configuration Guides¶
- Application Routing Patterns: Understanding routing architectures and their impact on scan configuration
- Session Management: Maintaining authenticated state throughout security scans
- Performance Tuning: Optimizing scan duration, resource utilization, and application stability
- Production-Safe Scanning: Minimizing infrastructure impact for production environment testing
Technical References¶
- Technology Overview: Reinforcement learning architecture and state fingerprinting methodology
- Scope Configuration: Detailed scope configuration including exploration, page, and API scope parameters
- Configuration Reference: Complete reference for all WebApp Testing configuration parameters
Authentication¶
- Authentication Configuration: Initial credential acquisition and authentication flow setup
- Browser Actions Authentication: Form-based authentication configuration
- OAuth Authentication: OAuth flow configuration
Advanced Features¶
- Agentic Crawling: Experimental AI-driven security testing capabilities
Testing Approach¶
WebApp Testing analyzes web application security through multiple layers:
- Frontend Security: DOM manipulation, JavaScript execution, browser storage, and client-side security controls
- Network Security: HTTP headers, cookie security, SSL/TLS configuration, and Content Security Policy
- API Security: Security testing of captured API traffic during frontend interaction
- Authentication Security: Session management, logout mechanisms, and authentication flow validation
Scan Configuration Workflow¶
- Authentication Setup: Configure authentication method in Authentication Configuration
- Scope Definition: Define exploration boundaries and exclusions in scan configuration
- Performance Tuning: Adjust parallelism, duration, and visit limits based on application characteristics
- Security Check Selection: Choose appropriate security check types for the target environment
- Session Management: Configure session persistence and logout prevention mechanisms
- Execution: Run scan and analyze results through the Escape platform
Configuration Best Practices¶
- Conservative settings should be validated in staging environments before production deployment
- Parallelism should be adjusted based on application stability under load
- Session management configuration should align with authentication architecture (stateful vs stateless)
- Scope constraints should be applied to prevent exhaustive exploration of parameterized content
- Production scans should utilize minimal security check types and reduced resource consumption
Related Documentation¶
- API Testing: API-focused security testing
- Authentication: Comprehensive authentication configuration
- Vulnerabilities Reference: Security issue classification and remediation guidance
Index¶
- Technology
- Routing Patterns
- Scope Configuration
- Session Management
- Performance Tuning
- Production-Safe Scanning
- Agentic Crawling
- Reference (WebApp)
Custom Rules¶
- Alerting
- Detectors
- Seeders
- Extractors
- Custom Rules Reference