How to scan an HTTP password protected area

There are 2 types of password protected areas. HTTP password protected areas: these are generally managed by the web server, and the user is prompted with a password dialog. Form-based restricted areas: this type of authentication is handled by the web application, and the credentials are requested using a web form. This article explains how to […]


Alliance Training Courses Improve Acunetix User Skills

Alliance Technology Partners, partnering with Acunetix since 2007, have announced that they will be offering Acunetix Training Courses, delivered via the web by two of their senior security engineers. This 3-hour Basic Training course is highly interactive and tailored to the users’ experience level and particular needs. Alliance security engineers are trained directly by Acunetix […]


Acunetix WVS v9.5 build 20140902 detects Hibernate Query Injection, Format Strings and more

Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format string vulnerabilities, MySQL username disclosure and others, including some in well-known web applications. This new build also optimises existing checks, including its XSS and SQL Injection detection scripts. The following is a […]


Common Platform Enumeration (CPE) Explained

When running a Network Scan on your perimeter server using Acunetix Online Vulnerability Scanner (OVS), one of the Informational alerts shown in the scan results is the CPE Inventory. The data that is collected during the scan is aggregated using the CPE standard, originally defined by MITRE, and is maintained by the U.S. National Institute […]


Acunetix WVS v9.5 Build 20140602 – New Security Tests

Each Acunetix WVS update generally includes new vulnerability tests or an improvement to existing checks. This post summarizes the new security tests added in the latest Acunetix WVS update. Cross Domain Data Hijacking: A website is vulnerable if an attacker can create/upload a malicious Flash (SWF) file or control the top part of any page. Acunetix WVS includes […]


Acunetix WVS v9.5 build 20140602 includes new vulnerability checks for popular web applications and platforms

Acunetix Web Vulnerability Scanner version 9.5, build 20140602, identifies new vulnerabilities in Google Web Toolkit™, Joomla!, Parallels Plesk, nginx, and a number of WordPress plugins including the popular All in One SEO plugin. The following is the full list of updates included in this release. New Functionality: Added a check for Open Flash Chart ‘ofc_upload_image.php’ […]
