Acunetix version 13 introduces a new user interface that has been rewritten from the ground up. The new UI has been developed using the latest version of Angular, provides superior user experience, and improves the general usability of Acunetix. The following is a list of updates to the new user interface.

Upon loading Acunetix v13, the first thing you will notice is the new sidebar, which includes a number of new options. Most of these options were already available in version 12 but they were hidden in different places. The important options are now easy to access.

Acunetix v13 UI menu

Network scanning had been introduced in v12, however, it is now much easier to configure in v13. There is a separate network scanning menu option, where you can configure the settings required to connect to the OpenVAS network scanner.

Acunetix V13 network scanning configuration

The Acunetix v13 user interface allows you to easily sort your targets, scans, vulnerabilities, and reports. You can do it by clicking on the column header to sort the list using the specified column. Clicking on the column header again will reverse the sorting order. The screenshot shows the vulnerability list sorted by confidence %.

Acunetix v13 vulnerability confidence

Each list in the Acunetix user interface features a filter bar, which allows you to easily find the information that you require. This comes in handy when you have more than 10 targets and after you have performed some scans. When you click on the filter bar, a list of filter options will be displayed, allowing you to choose the field that you want to use in your filter.

Acunetix v13 filter bar

The new UI introduces paging, which makes it easier to browse through larger lists. Paging options are displayed at the bottom of the pages that contain lists.

Acunetix v13 paging

In Acunetix v13, all the target settings are found on one page. This makes it easier to search for a specific setting using the browser’s search functionality. At the bottom of target settings, you can access advanced options including custom headers, custom cookies, issue tracker to use, allowed hosts, and excluded hours. Using advanced options, you can also enable debug logging for scans performed on the target.

Acunetix v13 target settings

In Acunetix version 13, when you click on a vulnerability, vulnerability alert details are opened on the side on the same page. This allows you to check vulnerability alert details without losing track of other vulnerabilities identified by Acunetix.

Acunetix v13 vulnerability alert details

In addition, there are 2 new features that enhance vulnerability information in Acunetix v13, which are partially the result of updates done in the UI.

The first of these is Proof of Exploit, which is available in the Attack Details section of the vulnerability alert. Acunetix v13 tries to exploit identified vulnerabilities to provide proof in the Attack Details section. The following is a screenshot of a directory traversal vulnerability identified by Acunetix. The proof of exploit for the vulnerability is highlighted and shows that Acunetix has retrieved the contents of a sensitive file from the server by exploiting the directory traversal vulnerability.

Acunetix v13 proof of exploit

Another feature that improves vulnerability alerts in Acunetix v13 is HTTP response highlighting, which provides information on how the vulnerability has been detected in the HTTP response. The highlighted part of the HTTP response will help you better understand how Acunetix has identified the vulnerability and allow you to perform additional manual checks to verify the existence of the vulnerability.

The screenshot shows how Acunetix has detected a Cross-site Scripting vulnerability in the HTTP response.

Acunetix v13 highlighting

To conclude, in addition to being stylish and more usable, the new UI is a big step forward for Acunetix since it is the foundation for introducing new features and functionality in the foreseeable future.

SHARE THIS POST
THE AUTHOR
Nicholas Sciberras
Chief Technical Officer
As the CTO at Acunetix, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams and provided technical training.