AnsweredAssumed Answered

How to scan a 2 factor enabled web application that uses token in URL

Question asked by Manish Rana on Dec 8, 2016
Latest reply on Dec 15, 2016 by Manish Rana

Hi,

 

I am trying to scan a web application that is authenticated using Azure and using 2 factor. The application also uses a random token with each request that is passed in URL just after Azure auth and just before entering the application (after authentication). Qualys scanner gets stuck at the login page. I am injecting a cookie to authenticate into the application. But qualys gets stuck at the login page to the Azure auth into the application. Please suggest how should I proceed.

Outcomes