Acunetix Web Vulnerability Scanner (WVS) uses “session-in” and “session-out” patterns in order to detect if a logged in session on your website is invalidated and if need to be re-established. Acunetix WVS uses the recorded login sequence defined by the user, to automate the log-in procedure required during a scan. Since Acunetix WVS accesses several […]
We are pleased to announce the appointment of Infrasec AG as Acunetix distributor for the German market. Infrasec is now responsible for coordinating the Acunetix reseller distribution channel, reseller trainings and support in Germany. Infrasec was founded in 2009 and has since grown from their head office in Munich. Standing for “Infrastructure and Security” in […]
As application security professionals, we want to get as much as possible out of our security assessments. We’re not only expected to but we’re proud of our work and want to provide the best results and most value possible. As I’ve written in a previous article about how to plan your web security assessments, ensuring you […]
An Acunetix Web Vulnerability Scanner Scanning Profile defines which tests to launch against the target website. For example, if you wish to test a website against Cross-Site Scripting (XSS) vulnerabilities, simply select the XSS Scanning Profile. You can also create a new Scanning Profile which includes specific web application vulnerability checks or modify existing scanning profiles.
We are pleased to announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). The new build 20120613 offers a number of new security checks, new scanner funtionalities, improvements and bug fixes.
LinkedIn, one of the biggest professional social networks, has suffered a major breach of its user password database. The attack was confirmed on Wednesday afternoon by Vicente Silveira, Director at LinkedIn, and was followed by an apology to the affected LinkedIn users who now have a hacked password. A file containing nearly 6.5 million hacked […]
Both Acunetix Web Vulnerability Scanner and Acunetix Online Vulnerability Scanner provide options for selecting specific types of vulnerability checks to run against your site, such as SQL injection or Cross-Site Scripting checks. This can be done by selecting one of a number of predefined Scanning Profiles. Each Scanning Profile is a logical grouping of scripts […]
Since I first got involved with information security I’ve been a strong proponent of focusing on the common sense basics. We all know what needs to be done yet I see fundamental web security problems in practically every assessment I perform. From passwords to patches to input validation and beyond, there’s so much out there […]
Among many advanced penetration testing tools provided, Acunetix Web Vulnerability Scanner (WVS) offers you the HTTP Sniffer tool. With the HTTP Sniffer you can capture, trap, analyze and even modify any HTTP traffic that the sniffer is listening to, e.g. port 8080. The Acunetix HTTP Sniffer is a combination of a proxy server and a […]
When you install WordPress your default administrator username will be ”admin”, unless you specify another name. By logging into your WordPress admin account you have full permissions to access the WordPress directories and dashboard, meaning that you can control your entire website. If you don’t change your default WordPress admin username, a hacker can easily break into […]