Template for Web Application scan

Hello everyone,
I tried to check the vulnerability of my web application but I’m not sure about the template I used.
In your opinion, which is the best template to scan an web application (with public ip)?

Thank you

I created a custom web template, maybe creating your own helps you to scan what you want.

Also I use full audit, but if the hosts being scanned has limited resources, it can be satured as it is a bit “aggresive”.

Hi mmur_gt4e,

What base template did you start from?
penetration template?

thank you!

Honestly I can´t remember it, I´d say that we created it complete as a “new scan template”
Have you tried the “Web Audit” template?

“Performs an audit of all web servers and web applications. Suitable for scanning both public-facing and internal web servers, including application servers, ASP’s, CGI scripts, etc. Patch checking and policy compliance audits will not be performed. Note that the Web Audit will not scan FTP servers, mail servers, or database servers. For that, you may want to use the Internet DMZ Audit instead.”