Screenshot – The Reporter Application
The Acunetix Web Vulnerability Scanner Reporter is a standalone application that allows you to generate reports for the security scans performed using Acunetix Web Vulnerability Scanner. The Reporter can be launched after completing a scan, or from the Acunetix Web Vulnerability Scanner program group, and can be used to generate various types of reports including developer reports, executive reports, compliance standard reports or a report that compares the results of two scans.
Generating a Report from the Scan Results
There are two ways to generate a report. After scanning a site, click on the Report button on the Acunetix toolbar. This will start the Acunetix Web Vulnerability Scanner Reporter and will load the Default Report for the scan. The Default Report used can be selected from the Reporter Settings.
Screenshot – Sample Report
The second method is to load the Acunetix Web Vulnerability Scanner Reporter from the Acunetix Web Vulnerability Scanner Program Group. This will allow you to report on the scans that have been saved to the Reports database.
- From the Reports list, select the type of report and click on ‘Report Wizard’.
- In the case of Compliance Report, select the Regulatory body or Standard to be used in the report. Click ‘Next’.
Screenshot - Select Compliance Report
- You can then select to show the results of all the scans stored in the reports database or to filter the scans that are displayed based on specific scan criteria. Click ‘Next’.
Screenshot - Filter Scans
- Select the scan that you would like to report on.
Screenshot - Select Scan
- Select what properties and details the report should include. The Report Properties will vary depending on the type of report that you are generating.
Screenshot - Select Report Properties
- Click the ‘Generate’ button to generate the report.
- Once the report is generated, it can be printed or exported in various formats including PDF, Word and HTML.
The Reporter settings allow you to configure the layout and style of the generated reports. To access the report settings navigate to the ‘Configuration > Settings’ node in the Reporter Tools Explorer.
From the Report Options node, you can customize the layout, titles, and images in the headers of the report.
Screenshot - Reporter Options
General Settings - Configure the default report template for generating a report.
Report Options - Select custom icons, logos, headers and footers to customize the report.
From the Page Settings node you can configure the default page size, orientation and margins of your reports.
These settings will apply to all reports.
Once you have generated your report, you can use the toolbar at the top to save the report in PRE (prepared reports) format, which will allow you to review the report later. You can also export the report to PDF, HTML, Text, Word Document and BMP or print the report.
Changing the Reporter Database
Acunetix Web Vulnerability Scanner stores the scan results in a backend database. By default, Microsoft Access is used. You might want to switch to using Microsoft SQL server. This is recommended when scanning a lot of sites or larger sites. This can be done as follows:
- Navigate to the ‘Configuration > Application Settings > Database’ node in the Acunetix Web Vulnerability Scanner interface. Select MS SQL Server from the ‘Database Type’ drop down menu.
- Enter the Server IP or FQDN in the ‘Server’ text box and the credentials to connect to the server in the ‘Username’ and ‘Password’ text box. Only SQL Authentication is supported.
- Specify a database name in the ‘Database’ text box. If the database does not exist it will be automatically created. If the database specified already exists, you will be prompted with a confirmation to overwrite the current database structure and data.
Note: The creation of the database requires a user with SQL Administrator privileges. Once the database is created, you can change the SQL credentials to a user account with read and write permissions on the database.
It is also possible to import a database configuration file. Select ‘Import Database Configuration’ and select a ‘*.dbconfig’ file generated by the Acunetix Enterprise Reporter to automatically import SQL database settings.