As a pattern and exploit analysis tool, Acunetix performs a web security audit by executing the following three sub-tasks:
Step 1: Target identification
- Checks if the target(s) are running a web server, and therefore host any websites.
- Information is collected on the web technologies used, as well as the web server type and its responsiveness, so that the tests to run can be filtered appropriately (some tests only apply, for example, to UNIX machines or to IIS servers).
Step 2: Site crawling and structure mapping
- The first file on the site is retrieved. This is determined by the start URL (e.g., http://192.168.0.28:80/ will load the main index.html).
- robots.txt and sitemap.xml are parsed.
- Received responses are parsed to detect links, forms, input fields, parameters and client-side scripts. This contributes to building a list of directories and files within the site.
- All files detected in step 3 are traversed and processed.
Note: If AcuSensor technology is used, a list of files is retrieved accurately and directly from the server.
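The crawling and structure-mapping pass above, as an added illustration that is not Acunetix code: it parses constructed sample responses (robots.txt, sitemap.xml and the start page at the example start URL) for links, forms, input fields, parameters and script references, and builds the directory and file list the scanner would feed into step 3. All "responses" are embedded strings, so it runs offline.

```python
# Added example, not Acunetix code: an offline sketch of the crawling and
# structure-mapping pass; the "responses" are constructed samples, not fetched.
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse, parse_qs
import xml.etree.ElementTree as ET
BASE = "http://192.168.0.28:80/"  # start URL from the description above
RESPONSES = {  # constructed sample responses, keyed by request path
    "/robots.txt": "User-agent: *\nDisallow: /admin/\nSitemap: /sitemap.xml\n",
    "/sitemap.xml": '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">'
                    '<url><loc>http://192.168.0.28/news/</loc></url></urlset>',
    "/": '<a href="/about.html">About</a><a href="/search.php?q=test">Search</a>'
         '<form action="/login.php" method="post"><input name="user">'
         '<input name="pass" type="password"></form><script src="/js/app.js"></script>',
}

class LinkFormParser(HTMLParser):
    """Collects hrefs, script sources, and forms with their input names."""
    def __init__(self):
        super().__init__()
        self.links, self.forms = [], []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("a", "script") and (a.get("href") or a.get("src")):
            self.links.append(a.get("href") or a["src"])
        elif tag == "form":
            self.forms.append({"action": a.get("action", ""),
                               "method": a.get("method", "get").lower(), "inputs": []})
        elif tag == "input" and self.forms:  # attach the input to the open form
            self.forms[-1]["inputs"].append(a.get("name", ""))

def robots_paths(text):  # Disallow and Sitemap entries both name site content
    return [l.split(":", 1)[1].strip() for l in text.splitlines()
            if l.lower().startswith(("disallow:", "sitemap:"))]

def sitemap_paths(xml):
    ns = "{http://www.sitemaps.org/schemas/sitemap/0.9}"
    return [urlparse(loc.text).path for loc in ET.fromstring(xml).iter(ns + "loc")]

def map_site():
    """Returns (files, directories, parameter names, forms) found in the samples."""
    p = LinkFormParser(); p.feed(RESPONSES["/"])
    found = ["/", "/robots.txt"] + robots_paths(RESPONSES["/robots.txt"])
    found += sitemap_paths(RESPONSES["/sitemap.xml"])
    found += [urlparse(urljoin(BASE, h)).path for h in p.links]
    found += [urlparse(urljoin(BASE, f["action"])).path for f in p.forms]
    params = {k for h in p.links for k in parse_qs(urlparse(h).query)}
    params |= {i for f in p.forms for i in f["inputs"]}
    dirs = {path.rsplit("/", 1)[0] + "/" for path in found}  # parent of each path
    return sorted(set(found)), sorted(dirs), sorted(params), p.forms
```

The parameter names and form inputs are the injection points the security checks of step 3 are run against; a real crawler would repeat the parse for every newly found file until no new paths appear.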
Step 3: Pattern analysis is performed against the site structure determined in step 2
- Acunetix launches a number of security checks against the target website depending on the chosen scanning profile.
- As Acunetix discovers vulnerabilities, alerts are reported in real time under the Web Alerts node. Each alert gives detailed information about the vulnerability, recommendations on how to fix it, and several links through which the user can learn more about the reported vulnerability and how to fix it.
- If AcuSensor Technology is enabled, debug information is also reported, such as the SQL query vulnerable to SQL injection and the line of vulnerable code responsible for the exploit.
After a scan is completed it may be saved to a file for later analysis and for comparison with previous scans. Scan results can also be exported to AVDL and XML format, and the Acunetix Reporter tool can generate reports based on a number of professional and regulatory compliance standards.