Can I Have Different Web Scanning Profiles?

Web Scanning ProfilesAcunetix Web Vulnerability Scanner ( WVS ) offers you the ability to choose specific types of attacks to run against your site, such as SQL injection or Cross-Site Scripting attacks. You can select the desired attacks and save them as different Web Scanning Profiles.

Follow the below procedure to create different Web Scanning Profiles that can be used to scan multiple websites or web applications:

  1. Navigate to the Configuration > Scanning Profiles.
  2. Click the ''Create a new profile'' button next to the Profile drop down menu and enter a name for the new scanning profile.
  3. Make sure that the scanning profile is selected in the Profile drop down menu and then configure the desired type of attack for your website, e.g. testphp.vulnweb.com
  4. Click ''Save'' next to the ''Create a new profile'' button to save the changes to the selected scanning profile.

You can remove a scanning profile by simply selecting it and clicking the ''Delete current profile'' button.

View all the Acunetix FAQs here.

 

 

ShareShare on FacebookTweet about this on TwitterShare on Google+

Leave a Reply


*

  1. Christiaan X

    Your product was just used aggressively yesterday by Anonymous hackers to probe my website for attack vulnerabilities. I don’t know if you can control this in any way, but please think about it. Thank you for designing it to leave a record of its identity in the process.

    July 18, 2012 at 3:58 am Reply
  2. Hi Christiaan X

    I am sorry about that. Unfortunately this is an issue which unfortunately cannot be controlled, since certain individuals are using cracked versions of Acunetix WVS and scanning sites without permission.

    Version 7 scanner is sending these headers with every request:

    Acunetix-Product: WVS/7 (Acunetix Web Vulnerability Scanner – NORMAL)
    Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
    Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm

    and Version 8 scanner is sending these headers with every request:

    Acunetix-Product: WVS/8 (Acunetix Web Vulnerability Scanner – NORMAL)
    Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
    Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm

    You can change the version (WVS/*) in the Acunetix-Product header to the version of Acunetix you wish to block, such as WVS/6 or WVS/7 or WVS/8.

    If you have an application firewall like mod_security
    (http://www.modsecurity.org/) you are able to block these requests by defining some custom rules.

    Otherwise, you may block attacker’s IP address.

    Here is the Apache documentation about access control (in case your web server is Apache):
    http://httpd.apache.org/docs/2.2/howto/access.html

    If you are using IIS, this document may help you to control access:
    http://www.hostmysite.com/support/dedicated/IIS/blockip/

    If you are using another web server software, consult its documentation for information on access control.

    Thank You

    July 18, 2012 at 11:46 am Reply
  3. Aki

    I’m using it only on my sites, not to attack someone else’s.

    March 11, 2013 at 7:16 pm Reply