How can I integrate Acunetix WVS with another third party application?

Acunetix WVS offer command-line support, which provides similar functionality and is an easy way to integrate Acunetix WVS with other third party applications.

If you wish to run the Acunetix WVS console application then you can run ‘wvs_console.exe’ from the Acunetix WVS installation directory. In case you wish to generate a report using the command-line support then you can use the Acunetix WVS Reporter console application by running ‘reporter_console.exe’ from the Acunetix WVS installation directory.

Here’s an example of a typical Acunetix WVS scan command along with a description of the parameters used:

Command line

wvs_console.exe /Scan http://testphp.vulnweb.com /Profile default /SaveToDatabase –ScanningMode=Heuristic –UseAcuSensor=TRUE –EnablePortScanning=TRUE

Explanation

/Scan http://testphp.vulnweb.com: Instruct the scanner to launch a single site scan against http://testphp.vulnweb.com.

/Profile default: Use default profile for scanning.

/SaveToDatabase: This parameter instructs the scanner to save scan results to reporting database.  If this parameter is not enabled, reports cannot be generated.

–ScanningMode=Heuristic: This option is to instruct the scanner to use heuristic scanning mode against specified target.

–UseAcuSensor=TRUE: Use AcuSensor Technology during scan. The AcuSensor client files must be installed and configured on the target for AcuSensor Technology to function.

–EnablePortScanning=TRUE: Instruct the scanner to port scan the target as well, and run network security tests (Network Alerts) against the target.

For a complete list of parameters and options run ‘wvs_console.exe /?’. Moreover, you can consult the chapter ‘Command Line Support’ in the user manual.

In addition, below is an example of the Acunetix WVS Reporter console that can be used to generate Reports independently of the Acunetix WVS console. Each scan result that is imported to the database (by default each finished scan result is imported to the Database), has an ID. This ID identifies each scan result to be used by the ‘reporter_console.exe’ in order to generate a Report.

Command line

‘reporter_console.exe’ /Report WVSComplianceReport.rep /Kind PCI12.xml /Action PDF /Target 5 /Output “c:reports”

Explanation

/Report WVSComplianceReport.rep:  Generate a WVSComplianceReport scan report.

/Kind PCI12.xml: Specify the compliance template. This is used for compliance type reports. Thus in this case it will generate a PCI version1.2 compliance report (PCI12.xml) using the Compliance reporting template (WVSComplianceReport.rep).

/Action PDF: Generate the report in PDF format.

/Target 5: Target receives a scan ID which identifies the scan to be used in the report

/Output “C:reports”: The path and filename where the report should be created

For a complete list of parameters and options run ‘reporter_console.exe /?’. Moreover, you can consult Acunetix Command Line Operations blog post.

If other parameters or options are not specified, the default values will be used.  The default values can be configured from the Acunetix WVS Settings in the GUI for both ‘wvs_console.exe’ and the ‘reporter_console.exe’.

View all the Acunetix FAQs here.

Leave a Reply

Your email address will not be published.


*