Acunetix web vulnerability scanner version 4.0
Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
Acunetix WVS automatically checks for the following vulnerabilities among others:
Version Check
- Vulnerable Web Servers
- Vulnerable Web Server Technologies – such as “PHP 4.3.0 file disclosure and possible code execution.
CGI Tester
- Checks for Web Servers Problems – Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
- Verify Web Server Technologies
Parameter Manipulation
- Cross-Site Scripting (XSS) – over 25 different XSS variations are tested.
- SQL Injection
- Code Execution
- Directory Traversal
- File Inclusion
- Script Source Code Disclosure
- CRLF Injection
- Cross Frame Scripting (XFS)
- PHP Code Injection
- XPath Injection
- Full Path Disclosure
- LDAP Injection
- Cookie Manipulation
MultiRequest Parameter Manipulation
- Blind SQL/XPath Injection
File Checks
- Checks for Backup Files or Directories - Looks for common files (such as logs, application traces, CVS web repositories)
- Cross Site Scripting in URI
- Checks for Script Errors
Directory Checks
- Looks for Common Files (such as logs, traces, CVS)
- Discover Sensitive Files/Directories
- Discovers Directories with Weak Permissions
- Cross Site Scripting in Path and PHPSESSID Session Fixation.
Web Applications
Text Search
- Directory Listings
- Source Code Disclosure
- Check for Common Files
- Check for Email Addresses
- Microsoft Office Possible Sensitive Information
- Local Path Disclosure
- Error Messages
GHDB Google Hacking Database
- Over 1200 GHDB Search Entries in the Database
- Other vulnerability tests may also be preformed using the manual tools provided, including:
Input Validation
- Authentication attacks
- Buffer overflows
[This software has been added to our SD Tools Watch Process]
Post scriptum
Compliance Mandates
|
Related Articles
Acunetix |
|
Application Scanner |
|
Vulnerability Scanner |
|