An Acunetix crawl can be pre-seeded using various techniques. Pre-seeding an Acunetix crawl with such data gives the Acunetix crawler a head start when scanning a target, while ensuring that the requests already captured using other tools are not missed by the Acunetix crawler. This…
Tag Archives wvs
What Are Email Injection Attacks
It is common practice for web pages and web applications to implement contact forms, which in turn send email messages to the intended recipients. Most of the time, such contact forms set headers. These headers are interpreted by the email library on the web server…
How to Prevent SQL Injection Vulnerabilities in PHP Applications
SQL Injection (SQLi) is a type of injection attack. An attacker can use it to make a web application process and execute injected SQL statements as part of an existing SQL query. This article assumes that you have a basic understanding of SQL Injection attacks…
What Are XML External Entity (XXE) Attacks
An XML External Entity (XXE) attack (sometimes called an XXE injection attack) is a type of attack that abuses a widely available but rarely used feature of XML parsers. Using XXE, an attacker is able to cause Denial of Service (DoS) as well as access…
Configuring HTTP Proxy Settings in Acunetix
If the target website or web application you intend to scan is only reachable via an HTTP proxy, you will need to configure Acunetix On-Premises to make use of that HTTP proxy server before running the scan. You can set different proxy settings per Target…
VIDEO: Acunetix Login Sequence Recorder
The Acunetix Login Sequence Recorder can be used to test password-protected areas of your website automatically. In order to scan a form-based password-protected area, you will need to make use of a Login Sequence during the scan. The Login Sequence can be configured from…
How can I integrate Acunetix with another third party application?
Acunetix includes an API which can be used to integrate Acunetix with other applications. The API allows you to create and scan Targets, retrieve scan results, and generate Acunetix reports. Contact us to get more information, and for a copy of the Acunetix API documentation.
How to Scan for Specific Vulnerabilities
If you do not need to perform a full scan, you may choose from the list of Scan Types to run against a Target. Scan Types are a logical grouping of tests that test for specific classes of vulnerabilities such as SQL injection or Cross-Site…
What is a Host Header Attack?
It is common practice for the same web server to host several websites or web applications on the same IP address. This is why the host header exists. The host header specifies which website or web application should process an incoming HTTP request. The web server…