11
Introduction to Acunetix Web Vulnerability Scanner
Introduction to Acunetix Web Vulnerability Scanner
11
Pages containing network or vulnerability data such as firewall logs.
For further reference please visit:
Extend Attacks with the HTTP Editor and Sniffer
With the HTTP
Editor, you may
construct HTTP/HTTPS
requests and
analyze the related responses of the web server. Thus the feature allows you
to perform and test for custom SQL injection and cross site scripting attacks.
With the HTTP Sniffer
you can log, intercept and modify all HTTP/HTTPS
traffic, giving you an in-depth knowledge of the data sent by your web
application.
In-Depth Testing with the HTTP Fuzzer
The HTTP
Fuzzer
tool allows sophisticated testing for buffer overflows and
input
validation. With it, you can create rules to automatically test a range of
variables.
A simple example would be the following URL:
Using the HTTP
Fuzzer
you could create a rule which would automatically
replace the last part of the URL - ‘1’ -
with numbers between 1 – 999. Only
valid results will be reported. This degree of automation allows you to quickly
test the results of a 1000 queries while significantly reducing the amount of
manual input.
Login Sequence Recorder for Protected Areas
The recorder allows you to scan password-protected sections of your
website. Simply use the login sequence tool to provide Acunetix WVS with
single or multiple login details. In addition, you can provide the scanner with
links it should not crawl, for example, a logout link.
Automatic HTML Form-filler
When the crawler
encounters an HTML form, it can be instructed to use
certain input values when submitting this form.
This way you can automatically test your website for different types of inputs.
Crawl Flash Files
Acunetix WVS analyzes flash files looking for both links to follow and HTML
code.
Test Password Strength of Login Pages
With the authentication tester, you can audit password protected pages by
launching a dictionary attack.
Vulnerability Editor
Create custom web attack
checks or modify existing ones with the
Vulnerability editor.
Supports All Major Web Technologies
Acunetix WVS supports scanning for vulnerabilities in websites that use any
of the major development technologies, including ASP, ASP.NET, PHP and
 |
 |
 |