You can reach the latest technical information here: Adding Custom Vulnerability Checks to Your Acunetix Installation Vulnerability checks in Acunetix Web Vulnerability Scanner consists of two files; *.script – The actual vulnerability check written in JavaScript. Such scripts are stored in the <C:\ProgramData\Acunetix WVS x\Data\Scripts>…
FAQ: Is it possible to crawl a site manually?
It is possible to manually crawl your website with Acunetix WVS using a web browser. Using the resultant — and manually crawled — links, it is then possible to build a website structure that will be targeted during the security scan. This is useful for…
Should I scan a website through a web application firewall?
Unfortunately, security scans are frequently launched against a website or web application sitting behind a web application firewall, or some other kind of web security gateway device. A website audit performed for a website through a “man in the middle” device or software, will only give…
FAQ: Can I scan a website that uses URL rewrite without specifying URL rewrite rules in Acunetix WVS?
Although it is not a suggested operation, yes, you can still scan a website which has URL rewrite enabled without specifying any URL rewrite rules in Acunetix Web Vulnerability Scanner. Unlike other scanners, Acunetix WVS will advise you once it detects that the target website…
Is a Vulnerability Scan Invasive Enough to Damage my Site or Data?
A common question asked about web vulnerability scanners is – “does this tool perform invasive scans?”, or “will it damage my website or web application?”. Such questions are common since black-box scanners tend to cause email floods, as well as publishing of garbage blog posts…
New Acunetix WVS V6.5 build; better support for CAPTCHA and modern authentication mechanisms
With the release of Acunetix WVS Version 6.5 latest build; 20090728 (https://www.acunetix.com/support/build-history.htm), we announce that Acunetix WVS has better support for web applications with CAPTCHA, single sign-on and Two factor authentication mechanisms. Thanks to the new ‘Manual Intervention’ module, IT security professionals can now save…
VIDEO: Meeting PCI DSS requirements with Acunetix
Unlike web application firewalls, Acunetix Web Vulnerability Scanner focuses on fixing web security problems, whether than preventing them from happening. Acunetix WVS helps in detecting cross site scripting, sql injections and other web vulnerabilities before the web application is exposed on the internet, during its…
OpenX 2.6.4 vulnerabilities were identified with Acusensor
If you are making use of OpenX, the following update fixes a number of security flaws that were identified when we made use of Acunetix WVS with the Acusensor technology enabled. Released an advisory detailing these vulnerabilities here. The SQL injection vulnerabilities abuse an INSERT…
A quick security analysis of Facebook’s Album Privacy
Most social networking sites have privacy options which allow users to share photo albums with selected people or groups. Such features encourage end users to upload possibly compromising photos, for example photos of last night’s party. The idea is that it is acceptable to share…