The BreachLock Login Assistant chrome extension allows you to choose from multiple authentication methods to run an authenticated scan on your web application.
The extension provides two different authentication methods:
1) Record your session cookie:
The extension records the session cookie provided by you during the authentication and uses the same session cookie to login to your web application.
2) Record your login sequence.
The extension records a login sequence (trail) or any specific behavior required and replays the sequence in the exact order to login to your web application.
Authentication can help us provide you a more comprehensive security evaluation of your web application.
Complete the following steps to use BreachLock Login Assistant :
1. Download the BreachLock extension by clicking on "Add to Chrome"
2. Click on the BreachLock icon in the address bar to open the extension.
3. Depending on the method you want to use, choose Method 1 to record session cookie or Method 2 to record login sequence.
4. Follow the instructions in the popup.
5. Provide the authentication token.
You can get the “authentication token” from “Scans” under “Web Application Scanning (DAST)” module after logging into the BreachLock SaaS platform. Visit the following URL to get the associated authentication token for your web application: https://app.breachlock.com/assets/