acx_logo

Featured Article

More comprehensive scanning with Acunetix WVS v9.5 – Part I

May 05, 2014 - 08:15am

In these 2 articles, I will be detailing the new functionality introduced in Acunetix WVS version 9.5. An important update introduced in the new version of Acunetix WVS is full JSON and XML support. If you are scanning a web ... [+]


National Weather Service Hacked

National Weather Service Hacked

The National Weather Service has been hacked by the Kosova Hacker’s security group, leading to sensitive server information being leaked. The group managed to hack into the server using a Local File Inclusion (LFI) vulnerability in the weather.gov website. … [+]

What can Developers do to Better Protect PII?

What can Developers do to Better Protect PII?

A client of mine recently asked me if I had any Web development related tips for dealing with Personally Identifiable Information (PII). With this being an information security 101 type question, I had to think about it for a bit. … [+]

One Thing That Can Buy You More Web Security Than Just About Anything Else

One Thing That Can Buy You More Web Security Than Just About Anything Else

There is no magic bullet when it comes to web security. That said, there is one thing that can buy you more security than practically anything else. It’s your passwords. Your choice in – and management of – your web … [+]

Acunetix Web Vulnerability Scanner Version 8 build 20121003 released

Acunetix Web Vulnerability Scanner Version 8 build 20121003 released

The new Acunetix Web Vulnerability Scanner 8 build includes a new crawler feature to automatically ignore duplicate input schemes in the same directory. With this new crawler feature, scans will take less time to complete and less traffic is generated … [+]

HTML Form Found in Redirect Page Web Vulnerability

HTML Form Found in Redirect Page Web Vulnerability

When creating a password protected section for a website, such as an admin portal for a CMS solution, typically developers check if the user session is authenticated. If the user session is not authenticated, the user is redirect to the login page. … [+]

How Aware Do We Have to be Not to Fall for the Bad Guys Antics?

How Aware Do We Have to be Not to Fall for the Bad Guys Antics?

Criminal hackers are getting more and more creative in their phishing and social engineering attacks on the web. This not only puts your website in the crosshairs but also your own personal information. A common question that comes up is: … [+]

Configuring Automatic Session Detection in Acunetix WVS

Configuring Automatic Session Detection in Acunetix WVS

When scanning a website with a passwords protected area, Acunetix Web Vulnerability Scanner uses user specified ‘In Session’ or ‘Out of Session’ patterns to determine if the logged in session is still valid or not. If the logged in session … [+]

What's the Best Way to Find Web Security Flaws?

What’s the Best Way to Find Web Security Flaws?

With all of the potential ways the bad guys can exploit websites (literally thousands), many people want to know what the best way is to actually uncover these flaws. Well, there’s no magic bullet answer, however, generally speaking Web flaws … [+]

How to Scan a Shopping Cart with an Automated Security Scanner

How to Scan a Shopping Cart with an Automated Security Scanner

Many of today’s large scale websites are template based. This means that most of the website pages which users visit are usually built from the same template file. Thus it is normal for a template based websites to be made … [+]

New Features and Security Checks Added to Acunetix Web Vulnerability Scanner 8

New Features and Security Checks Added to Acunetix Web Vulnerability Scanner 8

The new build of Acunetix Web Vulnerability Scanner released today includes a number of new features, new security checks and also a number of bug fixes. Ideal for scanning and securing today’s complex custom web applications, the main new feature … [+]