If you do not need to perform a full scan, you may choose from the list of Scan Types to run against a Target. Scan Types are a logical grouping of tests that test for specific classes of vulnerabilities such as SQL injection or Cross-Site Scripting tests which you can use to reduce the scope of the tests the scanner will run during the scan.

You may either use the default Scan Types or create your own. The Scan Type to run a scan with may be selected upon launching a new Scan. A single Target may be scanned with several Scan Types, several times. The following are the default Scan Types included with Acunetix.

  • Full Scan – Performs a full and thorough scan that will perform all the tests required for high, medium and low severity web application vulnerabilities
  • High-Risk Vulnerabilities – Performs tests against high severity web application vulnerabilities (high impact, easily exploitable)
  • Cross-Site Scripting Vulnerabilities – Performs tests against Cross-site Scripting (XSS) web application vulnerabilities
  • SQL Injection Vulnerabilities – Performs tests against SQL Injection (SQLi) web application vulnerabilities
  • Weak Passwords – Performs tests against weak or default web application passwords
  • Crawl Only – Performs a crawl, which finds all links and inputs within a web application, but does not perform any vulnerability tests
  • Malware Scan – Checks the files processed as part of an Acunetix scan for malware

A further two Scan Types are available for network scans.

  • Full network scan using safe checks
  • Full network scan that includes invasive checks

Custom Scan Types

While the default Scan Types are enough for most use cases, sometimes you may need to fine-tune exactly which tests Acunetix runs. This can be achieved through custom Scan Types. To create a custom Scan Type, navigate to Settings > Scan Types > New. Scan Types are organized by type of test, and you can also search for specific vulnerability tests which you wish to run.

Acunetix V13 Custom Scan Profile



Ian Muscat

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.

  • Hi,
    Is the configuration of custom scan type available for On Premise standard version ?

    • Hi Ryan, yes, Scan Types are available across all editions of Acunetix On-Premises (including the Standard edition), as well as Acunetix Online. Should you need further help, please do not hesitate to get in touch with support@acunetix.com

  • Hi,
    Is there an option to disable DOS Attack?

  • Hi,
    I am looking for a Static Analysis Tool for Secure Code Development Life Cycle (SCDL). My question is if the Acunetix is appropriate tool for this job.

  • My scan keeps usually locks out the associated account used to authenticate for the scan. Are there any tips or any checks I should disable? Thank you

    • Kev,

      We have identified a bug which might cause this. We will be fixing this in the upcoming update, scheduled to be released in 2-3 weeks.

  • Comments are closed.