Start Back Next End Contents



  • 1. Introduction to Acunetix Web Vulnerability Scanner
  •    Why You Need To Secure Your Web Applications
  •        The need for automated web application security scanning
  •    Acunetix Web Vulnerability Scanner
  •        How Acunetix WVS Works
  •    Acunetix AcuSensor Technology
  •        Advantages of using AcuSensor Technology
  •    Acunetix WVS Program Overview
  •        Web Scanner
  •        AcuSensor Technology Agent
  •        Port Scanner and Network Alerts
  •        Target Finder
  •        Subdomain Scanner
  •        Blind SQL Injector
  •        HTTP Editor
  •        HTTP Sniffer
  •        HTTP Fuzzer
  •        Authentication Tester
  •        Web Services Scanner
  •        Web Services Editor
  •        WVS Scripting tool and Acunetix SDK
  •        Reporter
  •    What’s new in Acunetix WVS Version 7
  •    Acunetix training and Support
  •    Licensing Acunetix
  •        Perpetual or Time Based Licenses
  •        Small Business Edition 1 Site/Server
  •        Enterprise Edition Unlimited Sites/Servers
  •        Consultant Edition
  •        Limitations of Evaluation Edition
  • 2. Installing Acunetix WVS
  •    System Minimum Requirements
  •    Installing Acunetix Web Vulnerability Scanner
  •    Installing the AcuSensor Agent
  •        AcuSensor agent for .NET
  •        AcuSensor agent for PHP
  •            Method 1: .htaccess file (Apache)
  •            Method 2: php.ini (IIS and Apache)
  •        Testing your AcuSensor Agent
  •    Disabling and uninstalling the Sensor
  •        Acusensor for .NET
  •        Acusensor for PHP
  •    Configuring an HTTP Proxy or SOCKS proxy Server
  •        HTTP Proxy Settings
  •        SOCKS Proxy Settings
  •        HTTP Proxy Settings (For program updates)
  •    Upgrading a previous version of Acunetix
  • 3. Scanning Your Website
  •    Introduction
  •    Step 1: Select Target(s) to Scan
  •    Step 2: Confirm Targets and Technologies Detected
  •    Step 3: Specify Crawler Options
  •    Step 4: Specify Scanning Profile and Mode
  •        Scanning Profile
  •        Scan Options
  •    Step 5: Configure Login for Password Protected Areas
  •        Scanning a HTTP password protected area:
  •            HTTP authentication options
  •        Scanning a form based password protected area:
  •    Step 6: Configure Custom 404 Error Pages
  •    Step 7: Select the Files and directories to Scan
  •    Step 8: Completing the scan
  • 4. Analyzing the Scan Results
  •    Introduction
  •    Web Alerts node
  •        Marking an Alert as a False Positive
  •    Network Alerts Node
  •    Port Scanner Node
  •    Knowledge Base Node
  •    Site Structure Node
  •        Grouping of Vulnerabilities
  •        Saving a Scan Result
  • 5. Generating a Report from the results
  •     Introduction to the Reporter
  •    Generating a Report from the Scan Results
  •    Developer Report
  •    Executive Report
  •    Vulnerability Report
  •    Scan Comparison Report
  •    Statistical Reports
  •    Compliance Reports
  •    Customizing the Report Layout
  •        Report Options
  •        Page Settings
  •    The Report Viewer
  •    Using Microsoft SQL
  • 6. Site Crawler Options
  •    Introduction
  •    Starting a Website Crawl
  •    Crawler options
  •    File Extension Filters
  •    Directory and File Filters
  •    URL Rewrite rules
  •            Adding a URL rewrite rule manually
  •            Importing a URL Rewrite rule configuration from an Apache web server
  •    Custom Cookies
  •    Traversing Web Form pages
  • 7. Manual crawling with the HTTP Sniffer Tool
  •    Introduction
  •    Configuring the HTTP Sniffer
  •        Mozilla Firefox
  •        Internet Explorer
  •        Google Chrome
  •    Capturing HTTP traffic
  •    HTTP Sniffer Trap Filters
  •        Creating a HTTP Sniffer Trap Filter
  •        The Trap Form
  •    Editing a HTTP Request without a Trap
  • 8. Compare Results Tool
  •     Introduction
  •    Comparing Results
  •     Analyzing the Results Comparison
  • 9. Scanning Web Services
  •    Introduction
  •    Starting a Web Service Scan
  •    Web Services Editor
  •        Importing WDSL and Sending Request
  •        Response Tab
  •        Structured Data Tab
  •        WSDL Structure Tab
  •        WSDL Tab
  •     HTTP Editor Export
  • 10. Command Line Operation
  •     Introduction
  •     WVS Console Scanner Command Line Parameters
  •    WVS Console Scanner Command Line Options
  •    The Acunetix WVS console Reporter
  •    The Acunetix WVS console Reporter command line options
  • 11. The Scheduler
  •     Introduction
  •    Creating a Scheduled scan
  •    Scheduler Settings
  •        General settings tab
  •        Email notifications settings tab
  •    Scheduled Scans controls
  • 12. Other Acunetix WVS tools
  •    The Target Finder
  •    The Subdomain scanner
  •    The Authentication tester
  •    Login Sequence Recorder
  •        Creating or editing login sequences
  •            Editing a Login Sequence
  •            Marking Pages for Manual Intervention (human input is required)
  •     The HTTP Fuzzer tool
  •    The HTTP editor tool
  •    The SQL injector tool
  • 13. Advanced Configuration Options
  •    Introduction
  •     Client Certifications
  •    Logging
  •    Scanner Settings
  •    Headers and Cookies
  •    Parameter Exclusions
  •            Adding a parameter to the exclusion list
  •     GHDB (Google Hacking Database) options
  •    Port Scanner Settings
  •    False Positives
  •    General
  •            Updates
  •            HTTP General
  •            Memory Optimization
  •            Password Protection
  •    Scanning Profiles
  •        Default Scanning Profiles
  •        Creating/Modifying Scanning Profiles
  •            Creating a new Scanning Profile
  •            Modifying a Scanning Profile
  •    Creating custom vulnerability checks
  • 14. Troubleshooting
  •    Obtaining support
  •    Request Support via E-Mail
  •    Acunetix Blog
  •    Acunetix Facebook page
  •    Knowledge base / Help / Support page