Acunetix build 13.0.200624118 for Windows and Linux has been released.

The new Acunetix build introduces support for GraphQL and OAuth 2.0, allowing Acunetix to scan web applications that make use of these web technologies. It also includes multiple UI updates, a new comprehensive and interactive report, and HTTP response highlighting for better readability. In addition, there are a good number of new vulnerability checks, numerous updates, and fixes, all of which are available for all editions of Acunetix.

New Features

  • Introduced support for GraphQL
  • Introduced support for OAuth 2.0
  • GraphQL files can be used as import files
  • New Comprehensive report, which includes the HTTP response in the HTML version of the report
  • HTTP response uses syntax highlighting for improved readability
  • Scans can now be restricted to paths/locations in import files
  • User can choose columns to show in all the Acunetix lists
  • UI saves columns selected for each page/user (applies to targets, vulnerabilities, scans, and reports)
  • UI saves number of items to show for each page/user (applies to targets, vulnerabilities, scans, and reports)
  • UI saves sorting order for each page/user (applies to targets, vulnerabilities, scans, and reports)

New Vulnerability Checks

Updates

  • Targets with manual intervention cannot have a business logic recording
  • Changed vulnerability name filter to search as you type
  • Scans will start reporting pages that require HTTP authentication
  • Acunetix UI notifications have been changed as follows:
    • Moved to the bottom right of Acunetix UI
    • Stay longer on the page
    • Can be closed by the user
  • Increased name length limit of import files to 128 characters
  • The user can optionally specify the address to be used for auto-login. This is useful for SSO login pages
  • After 25 consecutive network errors, the scanner will try to connect to the address of the target before aborting the scan
  • Targets can be deleted and replaced on the license anniversary

Fixes

  • Fixed: The vulnerability name filter did not always show all vulnerabilities
  • Fixed incorrect error handling message when disabling the proxy settings
  • Hide Business Logic Recorder for network-only targets
  • Fixed: Acunetix Online was showing an ID as the name of some network vulnerabilities
  • Fixed: Acunetix Online was not always showing the HTTP response for some vulnerabilities
  • Fixed: Acunetix Online was not showing the number of licensed targets
  • Fixed issue causing paths of ignored files to be ignored too
  • Fixed LSR issue on Safari browser
  • Fixed issue caused when the LSR and BLR are used on certain sites
  • Various minor fixes to the UI
  • Fixed false positives in over 25 vulnerability checks

Upgrade to the Latest Build

If you are already using Acunetix build 13.x, you can initiate the automatic upgrade from the new build notification in the Acunetix UI > About page.

If you are using Acunetix build 12.x or earlier, you need to download Acunetix from here. Use your Acunetix license key to download and activate your product.

THE AUTHOR
Nicholas Sciberras
Chief Technical Officer
As the CTO at Acunetix, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams and provided technical training.