An Acunetix crawl can be pre-seeded using various techniques. Pre-seeding an Acunetix crawl with such data gives the Acunetix crawler a head start when scanning a target, while ensuring that the requests already captured using other tools are not missed by the Acunetix crawler. This may happen when there are parts of the site, which are not linked to from the main target, thus hiding them from the Acunetix crawler. Pre-seeding the scan will ensure that these pages and directories are scanned.

An Acunetix crawl can be pre-seeded using output from the following tools.

  • Selenium IDE – scripts used to automatically test web applications (.html and .side files)
  • Telerik Fiddler – session archives (.saz files)
  • Burp – saved items (.xml) and state files
  • HTTP Archives – HAR files, which can be exported from various tools including developer tools included with major browsers
  • Swagger 2.0 / 3.0 – used to describe RESTful APIs (.json, .yaml, and .yml files)
  • WSDL – used to describe SOAP web services
  • WADL – used to describe restful APIs
  • ASP.NET Web Forms project files (*.csproj, *.vbproj),
  • Paros log files (*.session.data),
  • Postman collections v2 (*.json)
  • Text files with lists of URLs

Acunetix pre-seeding

A pre-seed file may be applied to a particular target and a target may have multiple pre-seed files. An Acunetix crawl can be pre-seeded by following the following steps:

  1. Prepare the output file(s) that you wish to pre-seed the crawl from
  2. Click the target that you wish to pre-seed to open the target configuration page
  3. On the target configuration page, scroll down to the Import Files section
  4. Click the upload icon next to the Choose File field and browse to the file that you wish to import
  5. If you wish to remove a pre-seed file from a target, simply click the red icon next to the file that you have imported
  6. Save your settings for them to take effect
SHARE THIS POST
THE AUTHOR
Nicholas Sciberras
Chief Technical Officer
As the CTO at Acunetix, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams and provided technical training.