Reviewing Entrypoints

๐Ÿ‘

Tip:

To take a full advantage of using persistent entrypoints, open Projects โ†’ Entrypoints to view full information about entrypoints.

An entrypoint is the main element in testing, as it contains key information for the analysis of the scan and its subsequent optimization.

๐Ÿ“˜

Note:

To open the Table Settings menu, click button at the upper left side of the table.

The Entrypoints table includes the following columns:

  • Method - the entrypoint method type
  • URL - the entrypoint URL
  • Connectivity - status of the entrypoint
    • OK - the entrypoint reached successfully and returned a valid response
    • Unreachable - the entrypoint could not be reached
    • Problem - the entrypoint is reachable but returned with problematic response status
    • Skipped - the entrypoint was skipped in the current scan scope
  • Tests progress - test completion rate
  • Response time - response time, ms
  • Tested scenarios - the number of attack scenarios that were done in the particular entrypoint for all related tests

๐Ÿ“˜

Note:

Connectivity statuses are available for new scans only, the old ones will have an N/Astatus. To make all Entrypoints to have a displayed connectivity statuses, retest a scan.

Filtering scans

To simplify searching for a particular scan, Bright allows you to filter Entrypoints by multiple parameters, such as:

  • Entrypoint ID
  • Response time
  • Connectivity

To apply a filter, follow these steps:

  1. In the header of the Entrypoints table, click FILTER.

  2. In the Filter by dialog box, select the necessary filter option and set up the relevant filter parameters.

  3. (Optional). If you need to apply several filters at once, click + Add filter to apply one more filter.

  4. Click Apply.

To reset the filter parameter(s), follow these steps:

  1. In the header of the ENTRYPOINTS table, click the applied filter parameter(s).
  2. In the Filter by dialog box, click Clear all and then Apply.

You can also search for a certain entrypoint by its URL (even using a partial URL) or method across the table using the Search bar.

Sorting Entrypoints

Entrypoints can be sorted by column parameters, either in ascending or descending order. For example, you may need to filter the entrypoints by their connectivity or put the entrypoints with a fast response first.

To do that, click on the arrow next to the parameter in the header of the scans. Click on the arrow again to change the item order between ascending and descending.

Adjusting Entrypoints table

Bright allows you to change the visibility of columns, adjust its width, and choose the number of items per page using the Table Settings menu. Also, you can change the order of the columns simply by drag-and-drop action.

To configure the Entrypoints table view, follow these steps:

  1. Click to open the table settings.
  2. (Optional). To reset the table settings to default, click Restore defaults at the bottom of the dialog box.

Copying the Entrypoint data

Bright allows users to quickly copy the entrypoint data and then reuse it. By clicking next to the entrypoint you can access the quick actions menu and then copy the entrypoint URL or copy the request as cURL.

Exporting Entrypoints

Bright allows users to export all the scan Entrypoints as a .CSV table. To export Entrypoints, click Export at the top of the table.

Reviewing entrypoints summary

This page contains all the information about the particular entrypoint. To open this page click on the entrypoint on the ENTRYPOINTS table.

The Entrypoint details page consists of the following tabs:

  • Overview - detailed information about the entrypoint

    • Request - method and entrypoint URL
    • Connectivity - status of the entrypoint
    • Total parameters - discovered parameters available for attack
    • Response time - response time, ms
    • Entry-point ID - the ID of the entrypoint
    • Tests progress - test completion rate
    • Tests duration - test duration
    • Time saved by parallel testing - performed during the tests with high concurrency
  • Issues - This tab contains a table with key information about issues, related to this entrypoint. Like all tables in Bright, this one is adjustable and can be configured for any user's needs. Also, by clicking the you can manage each issue: resolve, reopen or ignore it.
    For a better visibility, there is a Found in current scan column, which indicates if the issue was found in this particular scan.
    By clicking any issue type name it's possible to move to another issue to analyze it.

  • Tested Scenarios - contains a table with a list of executed tests with a number of scenarios, found issues, severity, and notes.

  • Statuses - contains the table with all collected statuses

  • Request - contains the entry-point method, the URL, and the headers.

  • Response - contains the entry-point status, its headers, and the body.