One of the most common methods that hackers use to attack your website is a cross-site scripting (XSS) attack. Basically, an XSS attack is where a hacker takes advantage of an XSS vulnerability to execute malicious JavaScript when users visit your website….
Better web-pentesting in Windows with AHK
Recently, I have moved to Malta. It’s quite hot here, but as I’m from a colder country, I like it very much. Actually, I’m obsessed with everything hot, including hotkeys! Every pentester / researcher / bugbounter / etc has their own approach to doing things in…
Pony: A Breakdown of the Most Popular Malware in Credential Theft
Pony has been around since 2011, but it’s still the biggest threat when it comes to credential theft, according to data from Blueliv’s report, The Credential Theft Ecosystem. It leads the way at 39%, with LokiPWS and KeyBase trailing behind at 28% and 16% respectively….
Visit Us at OWASP AppSec USA 2018!
Acunetix is once again exhibiting at OWASP AppSec USA. This premier application security conference for developers and security experts provides attendees with insight into leading speakers for application security and cyber security, training sessions on various applications, networking, connections and exposure to the best practices…
Acunetix Team Heads to Comino for an End of Summer BBQ
The beauty of being a company based in Malta is that we get to enjoy good weather and fine seas. As a team building exercise and to close off the Summer season, Acunetix staff hopped onto a private boat to the smallest island of the…
New build adds detection for Web Cache Poisoning, Apache Struts RCE and URL rewrite vulnerabilities
Acunetix version 12 (build 12.0.180911134) has been released. This new build adds two new AcuMonitor checks, detection of Web Cache Poisoning, Apache Struts RCE, URL rewrite vulnerabilities and Drupal Core Open Redirect. This new build has a good number of updates and some important fixes….
Multi-Cloud Design: The Priority Focus Should be on Application Security, Part 2
This is part 2 of a 2-part series that discusses the risks involved for application security in the new multi-cloud environments. This part introduces the requirements for multi-cloud, the types of multi-clouds and the risks they pose to application security. Requirements for multi-cloud So why…
6 Simple Ways To Protect Your Website From Attackers
If there’s one specific reason why website owners don’t take steps to boost their online security to protect their blogs and websites from attackers, it’s usually because they believe one of two things: They don’t believe their website or blog has anything worth of real…
How to Mitigate XXE Vulnerabilities in Python
What is XML External Entity (XXE)? XML External Entity Injection is often referred to as a variant of Server-side Request Forgery (SSRF). XXE leverages language parsers that parse the widely used data format XML, used in a number of common scenarios such as SOAP &…