In our latest release we have expanded on the authentication types available in Intruder. Since we launched authenticated web application scanning over a year ago, we have received feedback that setting up a Form authentication is too time consuming, and has the potential for error, which can lead to frustration.
With Recorded Logins, you can now use Google Chrome Dev Tools to record yourself logging into your target and then upload the file to Intruder to seamlessly setup your authentication. Additionally, this allows Intruder to support even more login types, including targets with Single-Sign-On (SSO). You can read instructions here on how to add this new type of authentication to your target.
This is our first step of an exciting project in improving our coverage for scanning single-page applications, with more to come in the new year! If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.