How to pre-seed a crawl using a 3rd party command line tool / custom script

As from Acunetix WVS v10, an Acunetix crawl can be pre-seeded using various techniques, one of which is by using a 3rd party command line tool or a custom script. This is very useful when an automated Acunetix scan needs to be done on a website which is already being probed using such custom tools.

Pre-seeding an Acunetix Crawl with such data gives the Acunetix Crawler a head start when scanning the site, while ensuring that the requests already being triggered by 3rd party tools are not missed by the Acunetix Crawler. This may happen when there are parts of the site which are not linked to from the main web site.

Here is to how to go about pre-seeding an Acunetix Crawl using such tools. For the example, we shall use the curl command line tool

  1. Before you start, ensure that the tool supports making requests through a proxy server which can be defined as a command line parameter.
  2. From Acunetix, click on New Scan to start the new scan wizard.
  3. Insert the website URL of the site you want to scan and click Next.
  4. Choose the Scanning profile and the Scan Settings to use.
  5. Select to “Show advanced options in the scan wizard” and click Next.
  6. Choose the option “Use external testing tools during crawl”
  7. Insert the Command line that should be triggered during the crawl. You will need to define the IP address running Acunetix WVS (or localhost), and replace the port with ${proxy-port}
    For our curl example, the Command line can be:
    C:\curl\curl.exe -x${proxy-port}
    crawl importer
  8. Proceed through the Scan Wizard to start the scan.
  9. Acunetix WVS will immediately execute the command line tool and will capture any HTTP requests initiated by the tool.
Share this post

Leave a Reply

Your email address will not be published.