Select or create your own scan types

To create your own custom scan type you will need to:

  • Navigate to ‘Settings’ from the navigation menu
  • Navigate to the ‘Scan Types’ tab
  • Click on the ‘New’ button
  • Specify a name for your scanning profile in the ‘Name’ field
  • Disable or enable any checks that you want to exclude or include in this profile by toggling the checkbox next to each check. Clicking on the folder icons will expand that specific group of checks.
  • When done, click the ‘Save’ button to create your scan type

select scanning profile

To select a different scan type to use for a scan you will need to:

  • Navigate to ‘Targets’ from the navigation menu
  • Select your scan target (by clicking on the check box next to the target address on the left hand side)
  • Click the ‘Scan’ button
  • From the ‘Scan Type’ drop-down menu select your scan type
  • Input other settings and click on the ‘Create Scan’ button

custom profile

Monitor the average response time

To see the average response time being returned from the server during a scan you will need to:

  • Navigate to ‘Scans’ from the navigation menu
  • Click on your scan
  • From the ‘Scan Stats & Info’ tab check the ‘Avg. Response Time’ value:

Monitor the average response time

Use the ‘Excluded Hours’ setting to scan during off-peak hours (in the new build released 15th Feb 2017)

To create your own custom excluded hours profile you will need to:

  • Navigate to ‘Settings’ from the navigation menu
  • Navigate to the ‘Excluded Hours’ tab
  • Click on the ‘Create Profile’ button
  • Specify a name for your scanning profile in the ‘Name’ field
  • Click on the boxes from the graph to exclude certain hours within certain days of the week
  • When done, click the ‘Create Profile’ button to create your excluded hours profile

Excluded Hours

To set exclusion hours for a specific target you will need to:

  • Navigate to ‘Targets’ from the navigation menu
  • Click on your target to edit it
  • Navigate to the ‘Advanced’ tab
  • Under the ‘Excluded Hours’ section, select a profile from the drop-down list.
  • Click ‘Save’ to apply these changes to that target

excluded hours drop-down

Set excluded paths for your targets

If there are any paths or files that you do not wish to scan, you can set exclusions by following these steps:

  • Navigate to ‘Targets’ from the navigation menu
  • Click on your target to edit it
  • Navigate to the ‘Crawl’ tab
  • From the ‘Excluded Paths’ field, enter exclusions for any paths or files and click ‘Add’. The exclusions can be set using regular expressions, wildcards, and also normal strings
  • Click the ‘Save’ button when done

excluded paths

Paths can also be excluded from the Site Structure identified during a previous scan. This can be done as follows:

  • Navigate to ‘Scans’ from the navigation menu
  • Click on a scan for the Target for which you want to configure exclusions
  • Navigate to the ‘Site Structure’ tab
  • Hover the mouse over the Site Strcutre, and click on the ‘Exclude’ option to automatically configure exclusion for the specific path.
  • The exclusions will be configured in the Target’s settings

Parallel Connections

If the server is able to handle the load, you can increase the scan speed by following these steps:

  • Navigate to ‘Targets’ from the navigation menu
  • Click on your target to edit it
  • From the ‘General’ tab set the ‘Scan speed’ slider to the ‘Fast’ setting
  • Click ‘Save’

Parallel Connections

For a more advanced use case you can:

  • Navigate to the following directory – C:\ProgramData\Acunetix 11\shared\General\
  • Open the ‘Settings.xml’ file using your favourite text editor
  • Search for the ‘<LimitConcurentRequests>’ tag, and this should be similar to the below:
<LimitConcurentRequests>10</LimitConcurentRequests>
  • Replace the ‘10’ with a value up to ‘25’. Note that this will override the ‘Fast’ setting set on your scan target and will be applied globally for all scan targets.

LimitCurrentRequests

  • Save the changes to the ‘Settings.xml’ file
  • Press the Windows + R keys on your keyboard to launch the Windows Run prompt
  • Input – services.msc – and click OK
  • From the Windows Services window, find the ‘Acunetix’ service and right-click on it and select ‘Restart’ to restart this service

restart

Don’t rescan the entire application, retest specific vulnerabilities that have been fixed

To retest specific vulnerabilities you will need to:

  • Navigate to ‘Vulnerabilities’ from the navigation menu
  • Select a vulnerability that you want to retest (by clicking on the check box next to the vulnerability name on the left hand side)
  • Click on the ‘Retest’ button to retest this vulnerability

retest

SHARE THIS POST
THE AUTHOR
Acunetix

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.