AUSTIN, Texas, Feb. 25, 2020 – Acunetix, the pioneer in automated web application security software, will be participating in RSA Conference 2020 with a talk by one of the company’s leading sales engineers, a live interview with Security Weekly, and a booth in the North…
How We Found Another XSS in Google with Acunetix
You have to be a very lazy hacker not to try to find issues in Google. Link and I are not lazy but we may be a bit luckier than most. And we use good tools, which helps. Some time ago, we found an XSS…
Why Malicious Hackers Set Their Sights On Hospitals
If you scan the news headlines, you might be forgiven for thinking that the biggest target of online attackers is financial institutions. Cyber attacks aimed at banks typically gain a lot of press coverage, because everybody likes to think that their money is safe. In…
Session Hijacking and Other Session Attacks
Session IDs are a tasty treat for malicious hackers. Once an attacker gets their hands on a session ID, they can get unauthorized access to a web application and fully impersonate a valid user. In general, there are three primary methods to obtain a valid…
What’s New in Acunetix v13
Check out what’s new in Acunetix v13. This brief presentation highlights the following features: Full integration with a network scanner for comprehensive vulnerability management Malware scanning using Windows Defender or ClamAV The revolutionary SmartScan engine – find up to 80% vulnerabilities in the first 20%…
Acunetix v13 Release Introduces Groundbreaking Innovations
London, United Kingdom – February 5, 2019 – Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix Version 13. The new release comes with an improved user interface and introduces innovations such as the SmartScan engine, malware detection functionality,…
What Are HTML Injections
HTML injections (HyperText Markup Language injections) are vulnerabilities that are very similar to Cross-site Scripting (XSS). The delivery mechanisms are exactly the same but the injected content is pure HTML tags, not a script like in the case of XSS. HTML injections are less dangerous…
XSS Filter Evasion Basics
The two primary methods of avoiding Cross-site Scripting (XSS) vulnerabilities are XSS filtering and XSS escaping. However, XSS filtering is not recommended because it can usually be evaded using clever tricks. Here are some of the methods that an attacker can employ in their malicious…
How to Use Allowed Hosts
When you build web applications, you often use multiple back-end web services to interface between client-side and server-side applications. For example, enterprises use functional subdomains to distribute static content or application logic between API requests. To scan the entire web application, the web vulnerability scanner…