As a pattern and weakness analysis tool Acunetix Web Vulnerability Scanner executes vulnerability scans as 3 sub-tasks:
Step 1: Target identification
- WVS checks that the target(s) are in fact running a web server and hence a site or a list of sites.
- Information about the site(s) technology used is detected, and web server discovery is used to establish server-type and responsiveness for appropriate filtering tests (some test will only work for example on UNIX machines or on IIS servers).
Step 2: Site crawling and structure mapping
- The first file on the site is retrieved. This is determined by the start URL (e.g., http://192.168.0.28:80/ will load the main index.html)
- robots.txt and sitemap.xml are parsed
- Sent requests are parsed to detect links, forms, client side scripts and images. This contributes to building a list of directories and files within the site.
- All files detected in step 3 are traversed and processed.
Note: If AcuSensor Technology is used a list of files will be accurately retrieved directly from the server.
Step 3: Pattern analysis is performed against the site structure determined in step 2
- Every test marked as Enabled in the scanning profile is passed to the Vulnerability editor module.
- The requests needed for each test are passed from the Vulnerability Editor to the appropriate test DLL modules. For every test which is done the executor will determine whether the test was successful or failed (Failed = vuln not found).
- The Editor will notify the scanner about every successful test and the severity of every vulnerability will be reported.