How to pre-seed a crawl using a Fiddler Session Archive (.saz file)

As of Acunetix WVS v10, an Acunetix crawl can be pre-seeded using various techniques, one of which is importing a Fiddler Session Archive, generally stored as a .saz file. This is very useful when connections to the web site being assessed have already been proxied through Fiddler as part of the overall pen test.

Pre-seeding an Acunetix Crawl with such data gives the Acunetix Crawler a head start when scanning the site, and ensures that the requests already proxied through Fiddler are not missed by the crawler, which can otherwise happen when parts of the site are not linked to from the main web site.

Here is how to go about pre-seeding an Acunetix Crawl using a Fiddler Session Archive:

    1. After proxying traffic for the website through Fiddler, save the traffic to a Fiddler Session Archive from Fiddler > File > Save > All Sessions. Save the sessions to a .saz file.
    2. From Acunetix, click on New Scan to start the new scan wizard.
    3. Insert the website URL of the site you want to scan and click Next.
    4. Choose the Scanning profile and the Scan Settings to use.
    5. Select “Show advanced options in the scan wizard” and click Next.
    6. Choose the option “Define a file to be imported by crawler at start”.
    7. Insert the path to the .saz file, or click the folder icon and select the file using the File-open dialog.
    8. Proceed through the Scan Wizard to start the scan.
    9. Acunetix WVS will immediately import the URLs from the Fiddler Session Archive which match the URL being scanned.
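
To preview which recorded requests fall under the scan target before importing the archive, the following added example (not Acunetix or Fiddler code) reads a .saz as the ZIP archive it is and lists the request URLs found in its raw/*_c.txt entries. Matching on host name is an assumption about how "match the URL being scanned" is decided, the http scheme for requests without an absolute URL is assumed, and the sample archive is constructed.

```python
import io
import zipfile
from urllib.parse import urlsplit

def request_url(raw):
    """Return the absolute URL from one raw request (a raw/*_c.txt entry), or None."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) < 3 or parts[0].upper() == "CONNECT":
        return None  # malformed request line, or an HTTPS tunnel with no path
    if "://" in parts[1]:
        return parts[1]  # absolute-form target, as recorded by a proxy
    for line in lines[1:]:  # origin-form: rebuild from Host (scheme assumed http)
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            return "http://" + value.strip() + parts[1]
    return None

def in_scope_urls(saz, scan_url):
    """Distinct request URLs in the archive whose host equals scan_url's host."""
    host = urlsplit(scan_url).hostname  # host-only matching is an assumption
    found = []
    with zipfile.ZipFile(saz) as archive:
        for name in sorted(archive.namelist()):
            if not (name.startswith("raw/") and name.endswith("_c.txt")):
                continue  # skip responses (_s.txt), metadata (_m.xml), index
            url = request_url(archive.read(name))
            if url and urlsplit(url).hostname == host and url not in found:
                found.append(url)
    return found

def build_sample_saz():
    """Constructed sample archive for the demo; not captured traffic."""
    sessions = {
        "raw/1_c.txt": b"GET http://testsite.example/ HTTP/1.1\r\nHost: testsite.example\r\n\r\n",
        "raw/1_s.txt": b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n",
        "raw/2_c.txt": b"POST http://testsite.example/admin/hidden.php HTTP/1.1\r\n"
                       b"Host: testsite.example\r\nContent-Length: 3\r\n\r\na=1",
        "raw/3_c.txt": b"GET http://cdn.other.example/lib.js HTTP/1.1\r\nHost: cdn.other.example\r\n\r\n",
        "raw/4_c.txt": b"CONNECT testsite.example:443 HTTP/1.1\r\nHost: testsite.example:443\r\n\r\n",
        "raw/5_c.txt": b"GET /about HTTP/1.1\r\nHost: testsite.example\r\n\r\n",
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, data in sessions.items():
            archive.writestr(name, data)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for url in in_scope_urls(build_sample_saz(), "http://testsite.example/"):
        print(url)
```

For a real archive, pass the path of the .saz saved in step 1 as the first argument to in_scope_urls.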

Read about other ways to pre-seed an Acunetix Crawl
