Most Targets that you will be scanning using Acunetix will have a restricted area which requires authentication. When configuring the Target, you can configure form-based authentication from the Target’s settings > Site Login. Here you need to choose between auto-login and pre-recorded login sequence.
You should initially configure Acunetix to “Try and auto-login into the site”. This should work for most web applications that use a simple login / logout mechanism. Acunetix will try to automatically detect the login screen, the logout link (which will be restricted) and a pattern which is used to identify that the session is still valid.
If the auto-login fails, or your web application requires multiple steps to authenticate or log out, you will need to configure the login sequence manually. This can easily be done using the Acunetix Login Sequence Recorder.
Get the latest content on web security
in your inbox each week.