General Options


This panel allows you to configure the parameters of N-Stalker's spider engine, including the total number of crawled pages, the limit of variations per node, path truncation, etc.

 

Spider Engine Method

 


HTTP Method

This option allows you to customize the default HTTP method used by N-Stalker's spider engine. The most common method is "GET" (which provides access to resources). Remember: this is only the default method, and the spider engine might use different methods if the application requires it (e.g., "POST" for web forms).

 

Spider Engine Restriction

 


Max Pages

Maximum number of web pages N-Stalker might crawl (0 is unlimited).

Pages Per Node

Maximum number of page variations per node (0 is unlimited). An example of a variation is /index.php?page=1 and /index.php?page=5.

Depth Level

Maximum directory depth level (0 is unlimited).

 

Spider Engine Miscellaneous Options

 


Enable Path Truncation

When this option is enabled, N-Stalker's spider engine will attempt to truncate every resource back to its directory in order to find possible new resources (e.g., /test/index.html will also generate a request for /test/).

Encode URI to evade IDS/IPS protection

When this option is enabled, N-Stalker will employ a series of encoding techniques (hex encoding, localization, meta-escaping) in order to evade intrusion detection mechanisms. This is experimental and recommended only for evasion testing (applications might not support all encoding techniques).
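
How the restriction options (Max Pages, Pages Per Node, Depth Level) and Enable Path Truncation interact can be seen in a small model of a crawl queue. This is an added illustration, not N-Stalker's code: the definition of a node (URL without its query string), the way depth is counted, the order in which the limits are checked and all function names are assumptions.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed sample of URLs a spider might discover (not real scan output).
SAMPLE = [
    "http://app.example/index.php?page=1",
    "http://app.example/index.php?page=5",
    "http://app.example/test/index.html",
    "http://app.example/a/b/c/deep.html",
]

def node_of(url):
    """Assumed definition: a node is the URL without its query string."""
    p = urlsplit(url)
    return urlunsplit((p.scheme, p.netloc, p.path or "/", "", ""))

def depth_of(url):
    """Directory depth: /index.php -> 0, /test/ and /test/index.html -> 1."""
    path = urlsplit(url).path or "/"
    return len([seg for seg in path.split("/")[:-1] if seg])

def truncate(url):
    """Path truncation: /test/index.html -> /test/ (None for a directory URL)."""
    p = urlsplit(url)
    if not p.path or p.path.endswith("/"):
        return None
    return urlunsplit((p.scheme, p.netloc, p.path.rsplit("/", 1)[0] + "/", "", ""))

def plan_crawl(urls, max_pages=0, pages_per_node=0, depth_level=0, truncation=False):
    """Return (queued, skipped); every limit treats 0 as unlimited."""
    queued, skipped, seen, per_node = [], [], set(), {}
    def offer(url):
        if url is None or url in seen:
            return
        seen.add(url)
        node = node_of(url)
        if max_pages and len(queued) >= max_pages:
            skipped.append((url, "max_pages"))
        elif depth_level and depth_of(url) > depth_level:
            skipped.append((url, "depth_level"))
        elif pages_per_node and per_node.get(node, 0) >= pages_per_node:
            skipped.append((url, "pages_per_node"))
        else:
            per_node[node] = per_node.get(node, 0) + 1
            queued.append(url)
    for url in urls:
        offer(url)  # the resource itself
        offer(truncate(url) if truncation else None)  # its directory, if enabled
    return queued, skipped
```

Calling `plan_crawl(SAMPLE, pages_per_node=1, depth_level=2, truncation=True)` shows truncation adding `/` and `/test/` to the queue while the second `index.php` variation and everything under `/a/b/c/` are left out, which is the trade-off between scan coverage and scan size these settings control.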

 

Scanner Engine Threads

 


Max Threads

This option allows you to control the number of simultaneous threads used by the engine. We do not recommend going much above the default limit, as more computing resources will be needed and overall performance may degrade.

 

Buffer Overflow Test Option

 


Max Size

This is the maximum number of bytes to be sent when attempting to attack an application using buffer overflow techniques. We recommend keeping the default values, as they are based on common server restrictions.