Some websites are designed to use custom 404 error pages instead of a web browser’s standard error page because they can be branded and made to contain useful links to other important pages. If your website uses custom 404 error pages — which generate different…
Why did Acunetix WVS display a message window stating that URL rewrite was detected during a scan?
URL rewrite (ex. mod_rewrite) is a common technology which is enabled on a web server to change the format of the URL being requested on the fly, for search engine crawling purposes. Common example: http://testasp.vulnweb.com/showthread.asp?id=1 can be rewritten automatically into: http://testasp.vulnweb.com/showthread.asp/id/1 ?id=1 is a parameter…
How can I define my own URL rewrite rules?
When used by a website, URL rewrite rules need to be defined in Acunetix WVS to instruct the Crawler on how to recognize rewritten URLs, otherwise some URLs will be misinterpreted as directories — which will result in an incorrect scan. In this FAQ we…
Why isn’t my website’s web technology listed in the scan wizard?
Acunetix WVS is designed to perform a web security scan by using a web application as an exploitable front-end, through which it can make contact with a web server. This approach ensures that WVS does not rely on specific compatible web-servers or web technology for…
FAQ: What additional features does Acunetix WVS include?
The following features complete the Acunetix WVS scanning arsenal: Innovative AcuSensor technology Web server configuration detection Web server security scan (Port Scanner) against services such as DNS, SSH etc Dictionary (brute force) attacker to test password strength of login pages or HTTP authentication Report Generator…
FAQ: How does Acunetix reduce false positives?
Acunetix is a heuristic scanner and not a signature based scanner, which by design is an efficient way of reducing false positives. With the introduction of AcuSensor Technology, false positive reporting has been drastically reduced because vulnerability detection is no longer based on just the error messages…
FAQ: Why does Acunetix WVS detect pages that don’t exist on my website?
Some websites are designed to use custom 404 error pages instead of a web browser’s standard error page because they can be branded and made to contain links to other important pages. If your website uses custom 404 error pages which generate different error codes,…
How to choose a web vulnerability scanner
A must read interview for anyone who is interested in evaluating web vulnerability scanners. In this interview we discuss the process of choosing a web vulnerability scanner and underline several factors that should be taken into consideration in the decision-making process. Which is the best…
Creating custom vulnerability checks for Acunetix WVS
You can reach the latest technical information here: Adding Custom Vulnerability Checks to Your Acunetix Installation Vulnerability checks in Acunetix Web Vulnerability Scanner consists of two files; *.script – The actual vulnerability check written in JavaScript. Such scripts are stored in the <C:\ProgramData\Acunetix WVS x\Data\Scripts>…
