Deploying AcuSensor for ASP .NET

AcuSensor Network Prerequisites
AcuSensor makes use of the AcuSensor Bridge. For more information, refer to the AcuSensor Bridge documentation.

How to deploy AcuSensor for ASP .NET websites

This section describes how to deploy AcuSensor to an ASP.NET (including .NET core) web application.

  1. Download the AcuSensor agent for your Target.

  1. Install Prerequisites on the server hosting the website. (The AcuSensor Injector.exe application requires Microsoft .NET Framework 3.5 or higher).

  1. Copy the AcuSensor installation file to the server hosting the .NET website.

  1. Extract the file, navigate to the .NET Framework subfolder, and launch the Injector.exe file.

  1. On start-up, the Injector will retrieve a list of .NET applications installed on your server. Select which applications you would like to enhance with the AcuSensor Technology and click Install Sensor to install the AcuSensor Technology sensor in the selected .NET applications.

  1. Once the sensor has been installed, close the confirmation window and also the AcuSensor manager.

How to disable and remove AcuSensor for ASP .NET websites

To remove and disable AcuSensor from your website:

  1. Launch Injector.exe.

  1. Select the website where the AcuSensor agent is deployed and click Remove Sensor to remove the AcuSensor agent from the site.

  1. Close the Injector.exe application.

How to deploy and remove AcuSensor using the command line

After copying and extracting the file to the server hosting the .NET website, you can deploy and remove the AcuSensor agent to your web application, and also list available web applications, as follows:

C:\Users\Administrator\Desktop\dotnet-acusensor>injector -m inject -t http://localhost:86/yaf_forums

Target Found. Injecting sensor to: http://localhost:86/yaf_forums

C:\Users\Administrator\Desktop\dotnet-acusensor>injector -m uninject -t http://localhost:86/yaf_forums

Target Found. Uninjecting sensor from: http://localhost:86/yaf_forums

C:\Users\Administrator\Desktop\dotnet-acusensor>injector -m list






  • The -m switch can be:
  • inject - to inject the AcuSensor agent into a web application
  • uninject - to remove the AcuSensor agent from a web application
  • list - to list the web application on the web server
  • The -t switch should specify the URL for which you wish to inject or remove the AcuSensor agent


  • If the web application is at the root of a URL path, you MUST include a forward slash at the end of the URL (in this example, http://localhost:86/).
  • If the web application is in a subfolder, you MUST NOT include a forward slash at the end of the URL (in this example, http://localhost:86/yaf_forums).
  • Although the Acunetix AcuSensor agent is secured with a strong password, it is recommended that the AcuSensor agent files are uninstalled and removed from the web application if they are no longer in use.

How to deploy .NET AcuSensor manually

  1. Download the AcuSensor agent for your Target.

  1. Extract the downloaded ZIP file in any directory. For this illustration, we used the following folder: C:\ProgramData\Acunetix\Acusensor

  1. Open Powershell or CMD with administrator privileges.

  1. Navigate to the .NET Framework folder.

  1. Run the following command: Injector.exe -m extract

  1. Copy the newly created DLLs and settings.ini to the target application’s bin folder similar to the following:

  1. Open settings.ini and edit the entry ‘log.path’ to reflect ‘log.path=C:\inetpub\temp\IIS Temporary Compressed Files\logs’

  1. To install the IIS HTTP Module, add the following to the web application’s web.config:




      <add name="InvictiSensorModule" type="SensorModule.RequestsHandlerModule, SensorModule, version=, culture=neutral, publicKeyToken=068f0ac6f5c4405b" />




  1. To load the SensorModule.dll .NET profiler, you need to add the following environment variable; do this by changing the IIS application-host config file: “%windir%\System32\inetsrv\config\applicationHost.config”


  1. Restart the test application in IIS. (You might need to restart W3SVC service for the changes to take effect.)

Running a scan on this Target will now display AcuSensor used for this scan in the Activity section of the Scan Information.

AcuSensor should generate logs inside the directory you entered in the settings.ini. If you experience any issues, you can forward these logs to Acunetix Support.


« Back to the Acunetix Support Page