Acunetix

Acunetix Web Vulnerability Scanner automates the task of monitoring the security of Web applications and makes it possible to identify vulnerabilities of the web site before they will be detected and useed by an attacker.

This is a very powerful product for analysis of all kinds of vulnerabilities on the site and works not only with familiar to us sites in php, but also in other languages.

How does Acunetix Web Vulnerability Scanner works:

  • Acunetix WVS explores and forms the structure of the site, processing all found links and collecting information about all detected files;
  • Then the program tests all web pages with elements for data entry, making data entry using all possible combinations and analyzing the results obtained;
  • After discovering a vulnerability, Acunetix WVS gives a warning that contains a description of the vulnerability and recommendations for its elimination;
  • The final report WVS can be recorded in the file for further analysis and comparison with the results of previous audits.

What vulnerabilities Acunetix Web Vulnerability Scanner detects:

  1. Cross site scripting (performing a malicious script in the user’s browser when handling and in the context of a trusted site security);
  2. SQL injection (execution of SQL queries from the browser to gain unauthorized access to data);
  3. Database via GHDB (Google hacking database)-a list of typical queries used by hackers to gain unauthorized access to web applications and sites;
  4. Running the code;
  5. Bypassing the catalog;
  6. To insert a file (File inclusion);
  7. Disclosure of the source text of the script;
  8. CRLF injection;
  9. Cross frame scripting;
  10. Public backups of files and folders;
  11. Files and folders that contain important information;
  12. Files that may contain information necessary to carry out an attack (System logs, application trace logs etc);
  13. Files containing lists of folders;
  14. A folder with a low level of protection that allow you to create, modify or delete files.

DeepScan Technology Scans Most Content

A new fundamental process during any scan is the scanner’s ability to properly crawl an
application, no matter what web technology it’s written in. Acunetix Vulnerability
Scanner features DeepScan Technology; an HTML5 crawling and scanning engine that
fully replicates user interaction inside of a browser by executing and analyzing JavaScript.
DeepScan allows accurate crawling of AJAX-heavy client-side Single Page Applications
(SPAs) that leverage technologies such as AngularJS, EmberJS and Google Web Toolkit.
It can understand and interact with complex web technologies such as: AJAX, SOAP/
WDSL, SOAP/WCF, WADL, XML, JSON, Google Web Toolkit (GWT) and CRUD operations. In
addition, DeepScan has been further optimized to analyze websites and web applications
developed in Ruby on Rails and Java Frameworks including Java Server Faces (JSF), Spring
and Struts.

Some other powerful options

  • Advanced Network Level Scanning
  • Detailed Reports Enable you to Meet Legal and
    Regulatory Compliance
  • WordPress Vulnerability Scanning
  • Editors, Sniffers, Fuzzers

Free trial version is available for free to use for 14 days.

Download

Manual

REVIEW OVERVIEW
Scanning
Exploitation
Flexibility
SHARE
Previous articleQualys Free Scan
Next articleWhat is Kali Linux
Avatar
Penetration Testing & Information Security Specialist, Certified Ethical Hacker. Uladzislau Murashka provides information security and penetration testing services, IDS/IPS implementation and configuration, infrastructure security assessment and hardening, participates in bug bounty programs. CyberSecurity News & Articles: www.scanforsecurity.com and Penetration Testing Services: www.cybersecuriosity.com

1 COMMENT

Comments are closed.