Featured Article

Acunetix WVS v9.5 build 20140902 detects Hibernate Query Injection, Format Strings and more

September 02, 2014 - 11:30am

Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format string vulnerabilities, MySQL username disclosure and others, including some in well-known web applications. This new build also ...


Acunetix Participates in IT Partners Trade Show, Paris

Disneyland Village, Paris, played host to the 2014 IT Partners Trade Show, which was abuzz with over 12,400 IT professionals in attendance. The trade show was held on the 4th and 5th February 2014, and it proved to be an …

Acunetix Joins the WIVET Assessment Leaders

How Acunetix Compares with Other Web Application Scanners

Acunetix is once again confirmed as one of the leaders in web application scanning with a 100% detection accuracy and 0% false positives for Reflected Cross-Site Scripting and SQL Injection vulnerabilities, together with a leading WIVET assessment score. In the …

Acunetix Web Vulnerability Scanner v9, build 20131216 includes a new PCI 3.0 compliance report and several new tests

Finding the Source of a DOM-based XSS Vulnerability with Acunetix WVS

DOM-based XSS involves the execution of a payload as a result of modifying the DOM inside the browser used by a client side script. Since the payload resides in the DOM, the payload may not necessarily be sent to the …

Top 10 Insider Threats and How to Protect Yourself

Insider Threats: Dealing with the Enemy Inside

For companies, threats come from two sources—outside the organization and inside (read: disgruntled, unethical employees). Insider threats can be very difficult to handle and the number of annual incidents is on the rise. The insider threat can come in several …

BREACH attack

The BREACH attack, abbreviated from Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext, is an attack similar to the CRIME attack. Both attacks are compression side channel attacks; however, CRIME targets information compressed in HTTP requests through TLS compression, …

The importance of Internal Web Security Assessments

What do things look like on the outside? That’s the main focus we have as human beings. But beauty is only skin deep. As with relationships and leaked NSA documents, we quickly discover that what’s on the inside is just …

Server Side Request Forgery (SSRF) Attack Alert in Acunetix

Server Side Request Forgery (SSRF)

A Server Side Request Forgery (SSRF) attack gives an attacker the ability to use your web application to send requests to other applications running on the same machine, or to other servers which can be on the same or on …

Automatic detection of XXE vulnerabilities in OpenID implementations using Acunetix AcuMonitor

Reginaldo Silva recently uncovered a very interesting bug affecting Facebook (and received $33,500 for this discovery). The bug is caused by improper handling of XML documents in OpenID implementations causing XML External Entity Expansion vulnerabilities. He mentioned in his article …

Acunetix Web Vulnerability Scanner v9, build 20140206 includes several new tests for vulnerabilities on well-known web applications

Acunetix Web Vulnerability Scanner version 9, build 20140206 is able to scan WordPress more efficiently, and includes various new checks for vulnerabilities in well-known systems such as MediaWiki, IBM Web Content Manager, Joomla! and Oracle. New Functionality in Acunetix Web …

Systex IT Technology Forum

Organized by Systex, a leading IT services provider in Taiwan, the IT Technology Forum was held on the 12th of December 2013. The event was a next generation and security technology seminar aimed at introducing the latest technologies to the …