XSS Filter Evasion Basics

The two primary methods of avoiding Cross-site Scripting (XSS) vulnerabilities are XSS filtering and XSS escaping. However, XSS filtering is not recommended because it can usually be evaded using clever tricks. Here are some of the methods that an attacker can employ in their malicious…


How to Use Allowed Hosts

When you build web applications, you often use multiple back-end web services to interface between client-side and server-side applications. For example, enterprises use functional subdomains to distribute static content or application logic between API requests. To scan the entire web application, the web vulnerability scanner…


What Is Cookie Poisoning

The term cookie poisoning is used in different contexts to describe attacks that aim to manipulate, intercept, or forge the content of HTTP cookies. Cookie poisoning covers several types of attacks that can affect the client-side application, data transmission, or the web server…


Visit Us at RSA Conference 2020

Acunetix will be exhibiting at the RSA Conference 2020 on February 24–28 in San Francisco. Join us at booth #6365 in the North Expo to find out about the latest automated features of Acunetix, the leader in web application security scanning. You can click here…


Top 10 Acunetix Blog Posts in 2019

The year 2019 has been very exciting for Acunetix with many changes and unprecedented growth. Not only did we unveil the long-awaited Acunetix 360 for our enterprise clients but we also moved to bigger offices and our team grew almost two-fold! The Acunetix engine has…


Season’s Greetings from the Acunetix Team

We would like to wish you the happiest holidays and all the best in the new year. May your celebrations be safe and secure and may any vulnerabilities in the next year be efficiently discovered. Greetings from our multinational team! Merry Christmas and a happy…


What Are JSON Injections

The term JSON injection may be used to describe two primary types of security issues: Server-side JSON injection happens when data from an untrusted source is not sanitized by the server and written directly to a JSON stream. Client-side JSON injection happens when data from…
