The Release Candidate build for Acunetix Web Vulnerability Scanner Version 7 (20100825) is now available for download.  All of the bugs reported during the Beta were fixed.  We also added some improvements in this RC build and we are well prepared for the official release, which is around the corner.  So stay tuned!

Improvements

:

  • Improved HTTP Fuzzer tool; added Response Word count (extract raw text {remove tags} from HTML response and count the words) and Raw Text view.  This feature is useful for comparing responses.
  • Improved Blind SQL injection timing script; it will automatically probe the current response time from server. This information will be used during execution. This improvement will reduce false positives.  We’ve also adjusted this script to reduce some non-timing related false positives.

Bug Fixes:

  • Fixed: Scanner crashing in module tm_web_applications.dll when multiple scans were running at the same time
  • Fixed: If V 7 is activated on the same machine where v6.5 is installed, it will deactivated.  Now they no longer de-activate each other
  • Fixed: When installing a new build from the Update tool, wvs.exe remained in memory and it had to be manually terminated.

How to upgrade to build 20100825:

On starting up Acunetix WVS, a pop up window will automatically notify you that a more recent build is available for download.  To download the
latest build, navigate to General > Program Updates node in the Tools explorer, and click on Download and Install new build.

Testing Acunetix WVS Version 7 RC1:

If you are interested in testing the Release Candidate build of Version 7, and you already own an Acunetix WVS Enterprise or Consultant license with a valid maintenance agreement, contact us at beta@acunetix.com.

Contact us on support@acunetix.com for any technical queries, and on sales@acunetix.com for any sales queries.

SHARE THIS POST
THE AUTHOR
Acunetix

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.