It is possible to manually crawl your website with Acunetix WVS using a web browser. Using the resultant — and manually crawled — links, it is then possible to build a website structure that will be targeted during the security scan. This is useful for scanning specific web applications that cannot be automatically crawled due to some strange coding ambiguities. The following procedure offers a reliable workaround:
1. Configure the web browser
Configure your web browser of choice to proxy all the traffic through the Acunetix WVS HTTP Sniffer tool, as shown in the above screen shot. Presuming that the web browser is running on the same machine where Acunetix WVS is installed, set the proxy server IP to 127.0.0.1 and the proxy server port to 8080.
2. Start the HTTP Sniffer and browse the website using the previously configured web browser.
3. Once ready, stop the HTTP sniffer. Save captured data by selecting ‘Save Logs’ from the Actions drop down menu.
4. Import Logs to Crawler
It is also possible to import HTTP Sniffer logs to an already existing scan, or import multiple HTTP Sniffer logs into the same crawl. To do so, simply tick the option “Merge the log9s0 with the currently opened crawl results in the HTTP Sniffer Log import window as highlighted below.
5. Save the crawler import results by selecting ‘Save Results’ from the Actions drop down menu.
6. Launch the Scan
Click on the New Scan button to launch the scan wizard. In the first step of the Scan Wizard select the option ‘Scan using saved crawling results’ as highlighted in the above screen shot. Proceed with completing the scan wizard to launch the automated scan against the manually browsed website.
Only the links you’ve manually crawled will be automatically scanned. Other pages in the website, even those linked from manually crawled pages will not be crawled or scanned.