Excluding File Types From a Scan
By default, Acunetix 360 ignores some URLs that do not need to be scanned, using a list of excluded file types or extensions, from scans. It is possible to modify this list of excluded file types from the Extensions tab when configuring a Scan Policy.
Excluding Binary Files
By default, Acunetix 360 does not crawl and analyze binary files during a scan. They are outside the scope of scanning a web application for vulnerabilities. In fact the Acunetix 360 scanner has a built-in mechanism to check if HTTP responses are binary responses; if they are, they will be excluded from scans.
If you have a number of binary files on your website, add their extension to this Extensions list, so that when the Acunetix 360 scanner identifies them it does not have to make the binary check. The advantage is that this shortens the scan duration.
Crawl and Attack Options
This table lists and describes the crawl options in Acunetix 360.
Do not Crawl
Acunetix 360 does not crawl file links and adds them to the Out of Scope with Extension Blacklisted reason.
File links will be crawled.
Crawl Only Parameter
File links will be crawled if they have any Query String parameters. Otherwise they will be added to the Out of Scope with Extension Blacklisted reason.
This table lists and explains the attack options in Acunetix 360.
Do not Attack
File links will be ignored.
File links will be analyzed if they have a parameter.
Attack Parameters and Query String
File links will be analyzed if they have a parameter or Query String.
How to Exclude File Types From a Scan in Acunetix 360
- From the main menu, click Policies, then Scan Policies.
- Do one of the following (see Overview of Scan Policies):
- Next to an existing policy, click Clone
- From the main menu, click Policies, then New Scan Policy
- In New Scan Policy window, click the Extensions tab.
- You can create a new exclusion or edit an existing one. Either:
- Select an existing item by clicking into its EXTENSION field.
- Click New to create a new, blank Extensions row.
- Enter the extension you want to exclude in the EXTENSION field