Scanning for vulnerabilities using Custom Cookies

With Acunetix Web Vulnerability Scanner (WVS), you can create a custom cookie which can be used during a website crawl to emulate a user or to automatically login to a section of the website without requiring the Login Sequence Recorder.

custom cookies

In order to add a custom cookie:

  1. Navigate to Configuration > Scan Settings > Custom cookies node.
  2. Click on the Add Cookie button to add a new blank cookie to the list.
  3. Enter the URL of the site for which the cookie will be used in the URL column. The HTTP protocol will be used if no protocol is specified in the URL.
  4. Enter the custom string that will be sent with the cookie in the Cookie String column. e.g. if cookie name is Cookie_Name and content is XYZ enter Cookie_Name=XYZ.
  5. Click Apply to save the changes.

Tick the option “Lock custom cookies during scanning and crawling” so to never overwrite the custom cookies with new ones sent from the website during a crawl or scan.

Share this post

Leave a Reply

Your email address will not be published.