Net-Wall Internet Security

Acunetix WVS Features

Automatically detects SQL injection, cross site scripting and other web vulnerabilities

SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitor´s browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about SQL injection and cross site scripting at the Acunetix web site security centre.

Other detected Web Vulnerbilities


 

Detects Google hacking vulnerabilities

Google hacking is the term used for a hacker trying to find exploitable targets and sensitive data by entering queries in search engines. The Google Hacking Database (GHDB) contains queries that identify sensitive data such as portal logon pages, logs with network security information, and so on. Acunetix launches all the Google hacking database queries onto the crawled content of your web site, to find any sensitive data or exploitable targets before a “search engine hacker” does. The Google hacking feature is a unique, industry-first feature.


 

Extend attacks with the HTTP editor & sniffer

With the HTTP editor, you can construct HTTP/HTTPS requests and analyze the web server responses. Use it to perform custom SQL injection and cross site scripting attacks. With the HTTP sniffer you can log, intercept and modify all HTTP/HTTPS traffic, giving you an in-depth insight into what data your web application is sending.


 

HTTP fuzzer – Automated, rule based variable testing

The HTTP fuzzer tool allows you to create rules to automatically test for buffer overflows & input validation. For example, using the HTTP fuzzer you could create a rule which replaces the variable part in a URL (e.g.http://test.acunetix.com/listproducts.php?cat=1 with the numbers 1 – 999. This way you could launch a 1000 queries, only checking meaningful results, saving a great deal of time compared to manual testing.


 

Javascript / AJAX application security scanning

Version 4 now adds the ability to check AJAX applications for security vulnerabilities. AJAX applications offer tremendous possibilities for extending the use of web applications, however they also require more stringent security checks. Acunetix WVS 4 now includes the industry’s most advanced JavaScript analyzer to help companies keep their AJAX applications secure.


Crawl password protected areas

Acunetix Web Vulnerability Scanner can be configured to scan password protected sections of the website with one or more user/password combinations. Using the login sequence tool, which works similarly to a macro recorder, one can easily configure the path the scanner must crawl, including links it should not follow, such as a logout link.

Automatic HTML form filler

The HTML form filler allows you to configure different inputs that you want the web scanner to give when it encounters an HTML form. This way you can automatically test how your website behaves for different types of inputs.

Other Features

Acunetix WVS Features

System Requirements

Windows 2000/2003 or Windows XP, Internet Explorer 5.1 or higher, MS SQL Server/Access if database is enabled, 200MB of hard disk space.

 Return to Acunetix Overview

Newsletter opt-in

If you would like to receive email and other electronic messages from us containing important news and information, please enter your email below.