Acunetix includes advanced tools for penetration testers to take web security testing further. It integrates with external tools and offers tools that aid in testing the business logic of web applications.
Take Automated Scanning Further
Free, downloadable manual penetration testing tools let veteran testers and up-and-coming security researchers alike manually test web applications for logical flaws.
- Intercept, log and modify HTTP traffic on the fly
- Validate fuzz tests and handle invalid or random data
- Export Blind SQL Injection vulnerabilities and perform automated database data extractions
- Import manual crawl data from Acunetix HTTP Editor, Telerik Fiddler, PortSwigger Burp Suite, and HAR (HTTP Archive) files
Automatic Web Application Firewall Configuration
Acunetix integrates with popular Web Application Firewalls (WAFs) to automatically create appropriate WAF rules. These rules protect web applications against attacks that target vulnerabilities found by the scanner. This allows you to temporarily prevent exploitation of high-severity vulnerabilities until you are able to fix them. Acunetix integrates with:
- Imperva SecureSphere
- F5 BIG-IP Application Security Manager
- FortiWeb WAF
Integration and Extensibility
Acunetix features a powerful RESTful Application Programming Interface (REST API). The REST API allows you to access and manage scan targets, scans, vulnerabilities, reports, and other resources within Acunetix in a simple, programmatic manner using conventional HTTP requests.
- Intuitive and powerful API endpoints
- Easily retrieve results and execute actions
- Seamlessly integrate Acunetix into complex, custom workflows and processes
We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.