Acunetix Web Vulnerability Scanner placed first in a paper released by Adam Doup´e, Marco Cova, and Giovanni Vigna from the University of California, Santa Barbara.  In the paper “Why Johnny Can’t Pentest: An Analysis of Black-box Web Vulnerability Scanners”, the authors compared the capalities of eleven black box web security scanners (both commercial and open […]

Read More →

An updated build of Acunetix WVS Version 6.5 has been released.  This build includes a number of bug fixes Bug Fixes: Fixed: Login Sequence Recorder was not using client certificates when recording a login sequence Fixed: Login Sequence Recorder was not using the configured User Agent string Fixed: HTTP Sniffer was not handling some specific […]

Read More →

An updated build of Acunetix WVS Version 6.5 has been released.  This build includes a new feature and new security checks, improvements and addresses a number of bug fixes. New Feature: Added new option to export results to HTTP Fuzzer New Security Checks: Test for XML External Entity Injection Test for XML Injection Improvements: Improved […]

Read More →

An updated build of Acunetix WVS Version 6.5 has been released.  This build addresses a number of bug fixes , an updated Acunetix Firefox extension and a new security check. New Security Check: Test for Cross Site Scripting in the Referrer header Improvement: Acunetix Firefox extension now supports latest Firefox release Bug Fixes: Crawler: Html […]

Read More →

Although it is not a suggested operation, yes, you can still scan a website which has URL rewrite enabled without specifying any URL rewrite rules in Acunetix Web Vulnerability Scanner. Unlike other scanners, Acunetix WVS will advise you once it detects that the target website has URL rewrite enabled (as shown in the below screen […]

Read More →

An updated build of Acunetix WVS Version 6.5 has been released with a number of new security checks, improvements and bug fixes. New security checks: 8.3 DOS filename source code disclosure Apache Tomcat Directory Host Appbase authentication bypass vulnerability Apache Tomcat WAR File directory traversal vulnerability Apache stronghold-info enabled Apache stronghold-status enabled ColdFusion 9 Solr […]

Read More →

An updated build of Acunetix WVS Version 6.5 has been released with a number of new security checks and bug fixes. New security checks: Test for File Upload IIS bug filename.asp;.jpg Test for WP-Forum 2.3 vulnerabilities JBoss rmi ping (network script) Bug Fixes: Bugfix: Modified forms notifications from CSA Bugfix: CSA: Workaround for window.open with […]

Read More →

An updated build for Acunetix WVS Version 6.5 has been released with a number of improvements, bug fixes, and a number of new security checks. New security checks: JBoss BSHDeployer MBean JBoss checks from RedTeam’s paper JBoss HttpAdaptor JMXInvokerServlet JBoss Server MBean JBoss ServerInfo MBean JBoss Web Console JMX Invoker phpShop v0.8.1 Multiple Vulnerabilities Invision […]

Read More →

An updated build for Acunetix WVS Version 6.5 has been released with a number of improvements, bug fixes, and most important of all, a good number of new security checks. New: New security checks of AcuSensor Technology curl_exec() url is controlled by user PHP preg_replace used on user input PHP super-globals-overwrite PHP unserialize used on […]

Read More →

An updated build for Acunetix WVS Version 6.5 has been released.  It includes a number of bug fixes. Bug fixes: Fixed: Redirect on LoginSequenceStep was not followed correctly Fix in URL Rewrite module to remove GetVars before matching rules How to upgrade: On starting up Acunetix WVS, a pop up window will automatically notify you […]

Read More →