What is Local File Inclusion (LFI)?

Local File Inclusion (LFI), or simply File Inclusion, refers to an inclusion attack through which an attacker can trick the web application into including files on the web server by exploiting functionality that dynamically includes local files or scripts. The consequences of a successful LFI attack include Directory Traversal and Information Disclosure as well as […]


What is Remote File Inclusion (RFI)?

Remote File Inclusion (RFI) refers to an inclusion attack wherein an attacker can cause the web application to include a remote file by exploiting a web application that dynamically includes external files or scripts. The consequences of a successful RFI attack range from Information Disclosure and Cross-site Scripting (XSS) to Remote Code Execution. Remote File Inclusion […]


What are Injection Attacks?

Injection attacks refer to a broad class of attack vectors that allow an attacker to supply untrusted input to a program. That input is processed by an interpreter as part of a command or query and alters the course of execution of the program. Injection attacks are amongst the oldest and most dangerous web application attacks. […]


How to scan an HTTP Authentication restricted area

In addition to form authentication, which Acunetix supports via the Login Sequence Recorder, you can also scan areas of a website or web application that are restricted by means of HTTP Authentication. HTTP Authentication, sometimes referred to as Basic Authentication, is a type of authentication that is formally defined in the HTTP […]


Configuring Advanced Settings in Acunetix

By default, Acunetix comes with built-in settings that are designed to work for the vast majority of websites and web applications. Of course, you can customize a Target’s settings, but there might be cases where you need very fine-grained control over your Target settings. Fine-grained scan controls can be customized from the Acunetix Settings.xml file […]


Installing and Configuring Acunetix Jenkins Plugin

To install the Acunetix Jenkins Plugin, start by navigating to Manage Jenkins > Manage Plugins and select the Available tab. Search the Jenkins Plugin Index for Acunetix. Select Install without restart.

Configuring the Acunetix Jenkins Plugin

Before starting to use the Acunetix Jenkins Plugin in a Jenkins job, you will need to configure the plugin […]
