Netflix Sleepy Puppy – Nothing new

Netflix has released an open source tool, developed in-house by their engineering team, that can find second-order XSS vulnerabilities in web applications. The tool is called Sleepy Puppy, and while it’s a good initiative from Netflix, the auto-detection of ‘Delayed XSS’ is nothing new. In August 2013, Acunetix announced its 9th edition of its flagship […]


Password hashing and the Ashley Madison hack

The mainstream media is in a frenzy about the Ashley Madison hack, and with good reason. Aside from the shady social and moral motives for which most people are criticising Avid Life Media (the site’s owners), the breach is a notable one in terms of what the attackers made off with. Among the stolen data […]


Acunetix GM interviewed on Rust Report

Acunetix General Manager Chris Martin was interviewed by Len Rust for the popular Australasian ICT news platform Rust Report during Cebit in Sydney, Australia, 2015. In his interview, Mr. Martin gives a brief overview of the company, describes what sets Acunetix apart from its competitors, and talks about the company’s greatest challenges and opportunities.


WordPress 4.3 “Billie” improves password resets

The WordPress team have just announced that version 4.3 of the massively popular blogging and content management software has been released to the public. While there are some interesting new usability features, the WordPress team have also released a new security feature that deals with the way passwords are reset. The new and improved […]


Business Logic Security Testing with Acunetix v10

Business logic in web applications refers to the encoding of real-world business rules that determine how data should be created, displayed, stored, and changed in a workflow-style process. Applications implementing business logic are not easy to test automatically because they are meant to be used and understood by humans, not automated software. So for example, […]


External Tools Support in v10

Acunetix WVS v10 has introduced several new features, including an entirely re-engineered Login Sequence Recorder. The feature we’re going to be focusing on in this post is the ability to import the output of other tools into Acunetix WVS to facilitate the testing process of complex web applications and web services. The crawler can automatically crawl practically […]
