Although it is not a suggested operation, yes, you can still scan a website which has URL rewrite enabled without specifying any URL rewrite rules in Acunetix Web Vulnerability Scanner. Unlike other scanners, Acunetix WVS will advise you once it detects that the target website…
New Acunetix WVS V6.5 build; better support for CAPTCHA and modern authentication mechanisms
With the release of Acunetix WVS Version 6.5 latest build; 20090728 (https://www.acunetix.com/support/build-history.htm), we announce that Acunetix WVS has better support for web applications with CAPTCHA, single sign-on and Two factor authentication mechanisms. Thanks to the new ‘Manual Intervention’ module, IT security professionals can now save…
VIDEO: Meeting PCI DSS requirements with Acunetix
Unlike web application firewalls, Acunetix Web Vulnerability Scanner focuses on fixing web security problems, whether than preventing them from happening. Acunetix WVS helps in detecting cross site scripting, sql injections and other web vulnerabilities before the web application is exposed on the internet, during its…
OpenX 2.6.4 vulnerabilities were identified with Acusensor
If you are making use of OpenX, the following update fixes a number of security flaws that were identified when we made use of Acunetix WVS with the Acusensor technology enabled. Released an advisory detailing these vulnerabilities here. The SQL injection vulnerabilities abuse an INSERT…
A quick security analysis of Facebook’s Album Privacy
Most social networking sites have privacy options which allow users to share photo albums with selected people or groups. Such features encourage end users to upload possibly compromising photos, for example photos of last night’s party. The idea is that it is acceptable to share…
AcuSensor Technology in action; finding backdoors in web applications
On March 2, 2007 the following was posted on the WordPress blog: Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your…
Acunetix WVS Scripting reference available
With Acunetix WVS version 6, Acunetix introduced a Port Scanner and Network Alerts. When scanning a website, a port scan against the web server can be launched (optional) and once open ports are found specific network security tests are launched against the network service running…
Running AcuSensor Injector on Windows Server 2008
If you try to run AcuSensor Injector on Windows Server 2008 you will receive the error “Error populating websites, Unknown error (0x80005000)”. AcuSensor Injector is using Active Directory Service Interfaces (ADSI) to construct a list of websites and virtual directories. ADSI is not available by…