10
Introduction to Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner
Scheduler Application
The scheduler application ensures enhanced flexibility and automation when
launching all types of scans including concurrent and/or sequential scans of
single or multiple websites.
Schedule such tasks as automated web crawling and scanning at a time
most convenient to you. Tasks may be run daily, weekly, monthly, at certain
times and/or continuously within a queue.
Scheduling runs as a service with the related management console enabling
users to fully and easily configure scanning, crawling, logging and saving of
results features. Relevant schedule logs
provide users with detailed
information on the scheduled queues.
Command Line
The Command Line support
provides a command line interface that gives
you the power of Acunetix WVS without the usual graphical user interface.
It allows you to use WVS directly from the command prompt and from batch
files and script languages, making it ideal for automating repetitive tasks. A
comprehensive set of command line parameters gives you direct control over
the WVS features.
The WVS Command Line supports the normal tasks for automated scanning
as well as support for tasks related to Web Services.
URL Rewrite Support
The idea behind URL Rewriting (for example: “mod_rewrite”) is to use a rule-
based rewriting engine (based on a regular-expression parser) to rewrite
requested URLs on the fly.
The URL Rewrite configurations may
be setup in Acunetix WVS to support
the proper crawling of such websites. The configuration
may
be done
manually by defining custom rulesets and also by importing the rules directly
from Apache httpd.conf or .htaccess files.
Detects Google Hacking Vulnerabilities
Google hacking is the term used to refer to when a hacker
tries to find
exploitable targets and sensitive data by using search engines. The Google
Hacking
Database (GHDB) is a database
of queries that identify sensitive
data. Although Google blocks some of the better known Google hacking
queries, a hacker may still crawl your site and launch Google Hacking
Database queries directly onto the crawled content.
The Google hacking feature will launch all the queries found in the Google
hacking database, onto the crawled content of your website thus finding any
sensitive data or exploitable targets before a “search engine hacker” does.
The Google hacking feature is a unique, industry first feature.
The Google Hacking Database is located at http://johnny.ihackstuff.com and
looks for the following information:
Advisories and server vulnerabilities
Error messages that contain too much information
Files containing passwords
Sensitive directories
Pages containing logon portals
 |
 |
 |