FAQ: How can I scan multiple websites with Acunetix WVS?

Acunetix Web Vulnerability Scanner provides the functionality to scan multiple websites at the same time through the web-based Acunetix WVS Scheduler. The Acunetix Scheduler will run a new WVS instance for each website scheduled to be scanned. The number of instances that the Acunetix WVS Scheduler will launch can be configured from the Configuration > […]

Read More →

Why did Acunetix WVS display a message window stating that URL rewrite was detected during a scan?

URL rewrite (ex. mod_rewrite) is a common technology which is enabled on a web server to change the format of the URL being requested on the fly, for search engine crawling purposes. Common example: http://testasp.vulnweb.com/showthread.asp?id=1 can be rewritten automatically into: http://testasp.vulnweb.com/showthread.asp/id/1 ?id=1 is a parameter input, however with URL rewrite it can be rewritten to […]

Read More →

How can I define my own URL rewrite rules?

When used by a website, URL rewrite rules need to be defined in Acunetix WVS to instruct the Crawler on how to recognize rewritten URLs, otherwise some URLs will be misinterpreted as directories — which will result in an incorrect scan. In this FAQ we will detail one of the URL rewrite rules needed to […]

Read More →

Where are Acunetix files stored?

By default, Acunetix is installed in C:\Program Files (x86)\Acunetix {version}. However, this location can be changed at installation time. Furthermore, Acunetix stores all its data in C:\ProgramData\Acunetix {version}. This includes the Acunetix database as well as file uploads such as Login Sequences. If you are having trouble finding your Acunetix installation, you can run the […]

Read More →

FAQ: What additional features does Acunetix WVS include?

The following features complete the Acunetix WVS scanning arsenal: Innovative AcuSensor technology Web server configuration detection Web server security scan (Port Scanner) against services such as DNS, SSH etc Dictionary (brute force) attacker to test password strength of login pages or HTTP authentication Report Generator to create professional and regulatory compliance reports specifying detected vulnerabilities […]

Read More →