Rapid7 AppSec Plugin

Rapid7 AppSec Plugin

The Rapid7 AppSec plugin works with Rapid7 Application Security and AppSpider dynamic application security testing solutions to improve application scanning coverage and assist in validating vulnerabilities with these capabilities: Macro Recording - Use the plugin to record macros required by Application Security and AppSpider Enterprise when selecting the Macro Authentication scan configuration. Macro Authentication enables the crawling engine of Application Security and AppSpider to authenticate with complex login workflows. Vulnerability Validator - Use the vulnerability validator in conjunction with the Attack Replay feature in Application Security and AppSpider. This feature of the Chrome plugin enables users to replay and edit recorded traffic generated during an Application Security or AppSpider scan. Bootstrap Authentication - The Chrome plugin is required to use AppSpider Enterprise's Bootstrap Authentication feature, which gives the user the ability to interactively login to the target application during an active scan. Used for login workflows that require human interaction for example 2FA (Two-factor authentication). Traffic Recorder - Record the interactions (like HTTP GET and POST requests) between the front end application and the back end server in a Traffic File. Application Security can replay these interactions to authenticate into your application. For support related to this plugin, please contact chrome_plugin@rapid7.com