How does the Acunetix WVS perform a scan and determine vulnerabilities?

Resolution
Acunetix Web Vulnerability Scanner is a pattern and weakness analysis tool. It conducts a web site vulnerability scan in three main steps:

Step 1: Identifies the targets

1. Checks that the target(s) are in fact running a web server and hence a site or a list of sites.
2. Detects information about the site(s) technology used, confirms the web server is responsive and builds initial knowledge discovery used later for the filtering of the tests, (some test will only work for example on UNIX machines or on IIS servers).

Step 2: Crawls and builds a structure of the web site

1. Retrieves the first file from the site, determined by the start URL (e.g., http://192.168.0.28:80/ will load the main index.html)
2. Gets robots.txt, favicon.ico
3. When a request is done it parses the file received looking for links, forms, client side scripts and images. This will help build a list of find directories and files within the site.
4. Traverses and processes any file found as in step 3.

Step 3: Performs a pattern analysis on the results from the site(s) structure determined in step 2

1. Passes every test marked as Enabled in the scanning profile to the Vulnerability editor module.
2. The Vulnerability Editor module will launch the requests needed by the tests to the appropriate test DLL modules. For every test which is done the executor will determine whether the test was successful or failed (Failed = vuln not found).
3. If there is a successful test the Editor will notify the scanner that a vulnerability was detected. It will also report the gravity of the vulnerability.