Identify the Heartbleed Bug with Acunetix Vulnerability Scanner

Featured Article

The Aftermath of the Heartbleed Bug

April 17, 2014 - 09:34am

The Heartbleed bug, a security flaw in the popular OpenSSL library used for data encryption, has taken the web security world by storm, and the victim toll has started to rise. The first reported victims include the Canada Revenue Agency ...


Automated Detection of Host Header Attacks

Automated scanning for certain classes of vulnerabilities is now possible with AcuMonitor, a service available for Acunetix Web Vulnerability Scanner version 9. One of these new classes of vulnerabilities is Host Header attacks. To display the contents of a website, …

Acunetix Web Vulnerability Scanner Announces Full HTML5 Support

As new technologies bring new security risks to light, Acunetix steps up to the challenge with the most comprehensive crawling and scanning technology in the market yet. MALTA, 15 August 2013 – Acunetix today announced the 9th release of its award-winning Web Vulnerability …

Detect Email Header Injection Vulnerabilities with Acunetix WVS v9

Email Header Injection Web Vulnerability

What is Email Header Injection? Email Header Injection is a web security vulnerability exploited by spammers to send email anonymously. It occurs in web applications that do not properly sanitize user input when preparing and sending email messages. Email Header …

XML External Entity (XXE) Vulnerabilities

The XML standard defines a concept of an external general parsed entity (also shortened to external entity) that can access local or remote content via a declared system identifier. During XML parsing, the XML processor will replace such entities with …

DOM-based Cross-Site Scripting (XSS) Explained

What is DOM XSS? To understand DOM XSS, we first need to describe what the DOM is and why it is relevant in this context. The Document Object Model is a convention for representing and working with objects …

Blind XSS: The Ticking Time Bomb of XSS Attacks

What is Blind XSS? Blind XSS is a flavor of cross site scripting (XSS), where the attacker “blindly” deploys a series of malicious payloads on web pages that are likely to save them to a persistent state (like in a …

Lessons Learned From A Web Security Breach

There’s a lot of focus on proactive security testing and rightly so. It’s the best way to stay out of hot water. But what happens when the going gets tough and you end up missing a vulnerability that leads to …

Application security calls for a proactive approach

Error! That’s something we don’t have much room for in application security. Yet we leave so much to chance. The only reasonable way to find the flaws that matter – and to keep up – is to use automated tools …

The Top 5 Network Security Vulnerabilities that Are Often Overlooked

Your network security is just as important as securing your web site and related applications. Networks, because of the sensitive data they usually give access to, are one of the most targeted public faces of an organization. Here are the …