There are situations where you need to crawl a site, and choose which paths to scan after crawling the site. This feature has been re-introduced in Acunetix version 12. You will first need to run a Crawl, after which you can choose which files not…
New build detects an unfixed WordPress file deletion vulnerability, vulnerabilities in WordPress plugins and Joomla! Core
Acunetix v12 (build 12.0.180628131) has been released. This new build detects an unfixed WordPress file deletion vulnerability, vulnerabilities in multiple WordPress Plugins and two Joomla! Core vulnerabilities. Below is a full list of updates. New Features and Vulnerability tests New test for WordPress Arbitrary File…
Visit us at OWASP AppSec EU 2018
Acunetix will be exhibiting at OWASP AppSec in London between the 2nd and 6th July 2018 at the Queen Elizabeth II Centre (QE2). The OWASP Annual AppSec EU Security Conference is the premier application security conference for European developers and security experts. We invite all…
New build adds detection of vulnerabilities in WordPress, Django, multiple Spring Framework and Atlassian products
Acunetix v12 (build 12.0.180619111) has been released. This new build introduces new vulnerability checks for WordPress, Django, multiple Spring Framework and Atlassian products. Below is a full list of updates. New Features and Vulnerability tests Spring Data Commons RCE via Spring Expression Language (SpEL) injection…
Deserialization vulnerabilities: attacking deserialization in JS
At the ZeroNights 2017 conference, I spoke about “Deserialization vulnerabilities in various languages”. For my presentation, I used an interesting article about two serialization packages of Node.js. I showed them as examples of vulnerable implementations of deserialization processes. In this post, I’d like to show results…
New build adds detection for Oracle Weblogic, PHPUnit, Edge Side Include Injection and more
Acunetix v12 (build 12.0.180611183) has been released. This new build introduces new vulnerability checks for Oracle Weblogic, PHPUnit, Edge Side Include Injection and other vulnerabilities. The new build also includes a good number of updates and several important fixes. Below is a full list of…
Is there an easy way to exclude paths from being scanned?
You can exclude paths from being scanned by configuring the path as an Excluded Path for the Target. This can be done from the Target’s settings > Crawl tab > Excluded Paths. The Excluded paths will need to be configured as a regular expression. Since…
How fast is Acunetix v12?
Acunetix version 12 ships with a new scanning engine which has been rewritten from scratch. One of the benefits of the new scanning engine is an improvement in scanning speed. Our tests indicate that the scanning time of some scans has been halved. This is…
How to upgrade my Acunetix installation to Acunetix v12
If you are using Acunetix v11, you will be able to upgrade your Acunetix installation to Acunetix v12, and all your settings will be retained. Proceed as follows: Download the latest version of Acunetix from https://www.acunetix.com/download/fullver/ Back up the files in <C:\ProgramData\Acunetix 11> Install Acunetix v12…