Start Back Next End Contents



  • 1. Introduction to Acunetix Web Vulnerability Scanner
  •    Why You Need To Secure Your Web Applications
  •        The need for automated web application security scanning
  •    Acunetix Web Vulnerability Scanner
  •        How Acunetix WVS Works
  •    Acunetix AcuSensor Technology
  •        Advantages of using AcuSensor Technology
  •    Acunetix WVS Program Overview
  •        Web Scanner
  •        AcuSensor Technology Agent
  •        Port Scanner and Network Alerts
  •        Target Finder
  •        Subdomain Scanner
  •        Blind SQL Injector
  •        HTTP Editor
  •        HTTP Sniffer
  •        HTTP Fuzzer
  •        Authentication Tester
  •        Web Services Scanner
  •        Web Services Editor
  •        WVS Scripting tool and Acunetix SDK
  •     New to Version 8 of Acunetix WVS
  •    Acunetix training and Support
  •    Licensing Acunetix
  •        Perpetual or Time Based Licenses
  •        Small Business Edition 1 Site/Server
  •        Enterprise Edition Unlimited Sites/Servers
  •        Enterprise Edition Unlimited Sites/Servers x10 instances
  •        Consultant Edition
  •        Consultant Edition x10 instances
  •        Limitations of Evaluation Edition
  • 2. Installing Acunetix WVS
  •    System Minimum Requirements
  •    Installing Acunetix Web Vulnerability Scanner
  •    Installing the AcuSensor Agent
  •        Generating the AcuSensor files
  •        Installing AcuSensor agent for .NET
  •        Installing AcuSensor agent for PHP
  •            Method 1: Apache .htaccess file
  •            Method 2: IIS and Apache php.ini
  •        Testing your AcuSensor Agent
  •    Disabling and uninstalling AcuSensor
  •        AcuSensor for .NET
  •        AcuSensor for PHP
  •    Configuring an HTTP Proxy or SOCKS proxy Server
  •        HTTP Proxy Settings
  •        SOCKS Proxy Settings
  •    Upgrading from WVS 7
  •        Copy recorded login sequences
  •        Migrate reporting database
  • 3. Scanning A Website
  •    Introduction
  •    Step 1: Select Target(s) to Scan
  •    Step 2: Specify Scanning Profile, Scan Settings Template and Crawling Options
  •        Scanning Profile
  •        Scan Settings template
  •        Save scan Results
  •        Crawling Options
  •    Step 3: Confirm Targets and Technologies Detected
  •    Step 4: Configure Login for Password Protected Areas
  •        Scanning a HTTP password protected area:
  •            HTTP authentication options
  •     Step 6: Final wizard options
  •    Step 7: Completing the scan
  •    Step 8: Select the Files and directories to Scan
  • 4. Analyzing the Scan Results
  •    Introduction
  •    Web Alerts node
  •        Marking an Alert as a False Positive
  •    Network Alerts Node
  •    Port Scanner Node
  •    Knowledge Base Node
  •    Site Structure Node
  •        Grouping of Vulnerabilities
  •        Saving a Scan Result
  • 5. Generating a Report from the results
  •     Introduction to the Reporter
  •    Generating a Report from the Scan Results
  •    Affected Items Report
  •    Developer Report
  •    Executive Report
  •    Quick Report
  •    Compliance Reports
  •    Scan Comparison Report
  •    Monthly Vulnerabilities Report
  •    Customizing the Report Layout
  •        Report Options
  •        Page Settings
  •    The Report Viewer
  •    Using Microsoft SQL
  • 6. Site Crawler Options
  •    Introduction
  •    Starting a Website Crawl
  •    Crawler options
  •    File Extension Filters
  •    Directory and File Filters
  •    URL Rewrite rules
  •            Adding a URL rewrite rule manually
  •            Importing a URL Rewrite rule configuration from an Apache web server
  •            Importing a URL Rewrite rule configuration from an IIS web server
  •    Custom Cookies
  •    Traversing Web Form pages
  • 7. Manual crawling with the HTTP Sniffer
  •    Introduction
  •    Configuring the HTTP Sniffer
  •        Mozilla Firefox
  •        Internet Explorer
  •        Google Chrome
  •    Capturing HTTP traffic
  •    HTTP Sniffer Trap Filters
  •        Creating a HTTP Sniffer Trap Filter
  •        The Trap Form
  •    Editing a HTTP Request without a Trap
  • 8. Compare Results Tool
  •     Introduction
  •    Comparing Results
  •     Analyzing the Results Comparison
  •    Introduction
  •    Starting a Web Service Scan
  •    Web Services Editor
  •        Importing WDSL and Sending Request
  •        Response Tab
  •        Structured Data Tab
  •        WSDL Structure Tab
  •        WSDL Tab
  •     HTTP Editor Export
  • 10. Command Line Operation
  •     Introduction
  •     WVS Console Scanner Command Line Parameters
  •    WVS Console Scanner Command Line Options
  •    The Acunetix WVS Console Reporter
  •    The Acunetix WVS console Reporter command line options
  • 11. The Scheduler
  •     Introduction
  •    Configuring the Scheduler service
  •        Configuring the Scheduler web interface
  •        Scan Options
  •        Scanning multiple websites
  •        Configuring Email notifications
  •        Excluded hours templates
  •    Creating a Scheduled scan
  •        Scheduled Scan Basic Options
  •        Scheduled Scan Advanced Options
  •        Scheduled scan results and reports
  • 12. Other Acunetix WVS tools
  •    The Target Finder
  •    The Subdomain Scanner
  •    The Authentication tester
  •    Login Sequence Recorder
  •        Creating or editing login sequences
  •            Editing a Login Sequence
  •            Marking Pages for Manual Intervention (human input is required)
  •     The HTTP Fuzzer
  •    The HTTP Editor
  •    The SQL Injector
  • 13. Advanced Configuration
  •    Application Settings
  •        Application Updates
  •        Logging
  •        HTTP Authentication
  •        Client Certificates
  •        False Positives
  •        Miscellaneous
  •            Memory Optimization
  •            Display Options
  •            Password Protection
  •     Scan Settings Templates
  •        Creating, modifying, or deleting Scan Settings templates
  •         Scanning Options
  •        Headers and Cookies
  •        Parameter Exclusions
  •            Adding a parameter to the exclusion list
  •        GHDB (Google Hacking Database) Options
  •        Crawling Options
  •        HTTP Options
  •            HTTP General
  •            Custom HTTP Headers
  •        LAN Settings
  •        Custom Cookies
  •        Input Fields
  •        AcuSensor
  •        Port Scanner
  •        Custom 404 Error Pages
  •        Scanning Profiles
  •        Default Scanning Profiles
  •        Creating/Modifying Scanning Profiles
  •            Creating a new Scanning Profile
  •            Modifying a Scanning Profile
  •    Creating custom vulnerability checks
  • 14. Troubleshooting
  •    Obtaining support
  •        User Manual
  •        Support
  •        The Acunetix Support Center
  •        Acunetix Forums
  •    Request Support via E-Mail
  •    Acunetix Blog
  •    Acunetix Facebook page
  •    Knowledge base / Help / Support page