42
Getting Started: Scanning Your Website
Acunetix Web Vulnerability Scanner
Submit forms – With this option enabled any forms encountered during
the scan will be automatically submitted with test-data. To instruct WVS
to submit specific data in a particular form you can navigate to the HTML
Forms setting: Configuration > Settings (in Tools Explorer) > Scanner
Settings > HTML Forms (in the Settings Interface) node. (For full details
on how to configure the Acunetix WVS see Chapter 0 on page 131 of this
manual).
Retrieve and process robots.txt, sitemap.xml
–
Select this option to
have Acunetix WVS look for a robots.txt file and follow all the links in it.
Case insensitive paths –
Select this option to ignore any case
difference in the links found on the website. E.g. “/Admin” will be
considered the same as “/admin”
Analyze JavaScript
–
Select this option to activate the Client Script
Analyzer (CSA) during crawling. This will execute JavaScript/AJAX code
on the website to gather a more complete site structure.
After crawling let me choose the files to scan – Select this option to
present a window at the end of the crawling process which lets you select
which files from the site structure to actually scan.
Click Next.
4.5
Step 4: Specify Scanning Profile Options and Mode
1. In this dialog you can configure the scanning profile
and scan options,
including the options for the scanning mode.
Scanning Profile
The Scanning Profile will determine which tests are to be carried out on the
target site.
For example, if you only want to test your website(s) for SQL injection, you
would select the sql_injection profile and no additional tests would be
performed.
 |
 |
 |