Acunetix Web Vulnerability Scanner version 10 (build 20150707) has been updated to include new vulnerability checks, including the detection of Same Origin Method Execution, XSLT Injection, Blind Out-of-band Remote Code Execution and Blind Out-of-band SQL Injection. This build also includes various updates to the new…
Blind Out-of-band Remote Code Execution vulnerability testing added to AcuMonitor
Similar to Blind Out-of-band SQL Injection vulnerabilities, AcuMonitor can now detect Blind Out-of-band Remote Code Execution (RCE) vulnerabilities. Let’s consider a vulnerable PHP application that contains the following code $cmd = isset($_GET[‘1’]) ? $_GET[‘1’] : ”; if ($cmd) { exec(‘ping -c 1 ‘ . $cmd);…
Blind Out-of-band SQL Injection vulnerability testing added to AcuMonitor
Acunetix AcuMonitor is a free intermediary service that helps detect second-order vulnerabilities (i.e. vulnerabilities that do not provide a response to a scanner during testing) during a scan. AcuMonitor made its debut with Acunetix WVS version 9. Since then, we’ve continuously improved the service and…
Increased support for REST, Java and Ruby on Rails testing
Acunetix WVS v10 improves its support for crawling and identifying vulnerabilities in various web technologies. This is the result of feedback gathered during the past months from our user-base. Keeping abreast with updates to web technologies is of utmost importance, as it allows Acunetix to…
VIDEO: Acunetix Quick Start Guide
Welcome to the Acunetix Quick Start Guide. This short guide covers how to launch a scan, analyze the scan results and create a report. For further information and help, please visit https://www.acunetix.com/support
Featured
Keeping your Website Secure just got Easier with Acunetix 10
Automated Scanning of login protected pages, extended support for Java Frameworks and Ruby on Rails, and the detection of vulnerabilities in WP core and WP plugins.
In the headlines: Windows 10, Drupal, GitHub and more
Windows 10 due to support SSH As you should now have heard, or as you might notice from the new little Windows icon on your taskbar, Windows 10 is due to be released at the end of July. The most interesting bit of news from…
XML external entity injection via REST APIs
The new version of Acunetix Web Vulnerability scanner comes with improved support for scanning REST APIs. When Acunetix WVS finds an REST API definition (via a WADL file or from Acunetix DeepScan) it also scans this API resource for XML external entity injection vulnerabilities. If…
How to scan REST APIs using Acunetix WVS version 10
In this blog post I’m going to describe 3 different ways to scan REST APIs using the new version 10 of Acunetix Web Vulnerability Scanner. 1. REST API automatically discovered via Acunetix DeepScan Let’s start with a simple web application that is using REST. It…