In most TLS handshakes, the client authenticates the server, so the client knows that the server is who it says it is, but the server doesn’t know much about the client. In most cases, this is fine — authentication via credentials is enough in many…
Configuring HTTP Proxy Settings in Acunetix
If the target website or web application you intend to scan is only reachable via an HTTP proxy, you will need to configure Acunetix On-Premises to make use of that HTTP proxy server before running the scan. You can set different proxy settings per Target…
How to scan an HTTP Authentication restricted area
In addition to form authentication, which Acunetix supports via the Login Sequence Recorder, you can also scan areas of a website or web application that are restricted by means of HTTP Authentication. HTTP Authentication, sometimes referred to as Basic Authentication, is a…
Scanning for vulnerabilities using Custom Cookies
In some cases, a website or web application you are scanning requires custom cookies to be set before it can be scanned properly. In Acunetix, you can set custom cookies which will be used during the crawl and scan. To add a custom…
How do I update to the latest Acunetix build?
Keeping Acunetix up-to-date is important to ensure you always get the latest updates to existing and newly added tests, features, bugfixes and improvements. Fortunately it’s not only easy but transparent. By default Acunetix automatically checks for updates, installs any new updates in the background without…
How to Backup Acunetix
Backing up your Acunetix data and settings is important and should be done frequently, especially on production systems. This post will show how to do this manually and will also offer a sample implementation in PowerShell for automating the process. Warning: This content applies to older…
Getting Started with the Acunetix Web Services Editor
The Web Services Editor is a tool that forms part of the Acunetix Manual Pen Testing Tools suite (available to download for free). The Web Services Editor allows you to import an online or local WSDL file for an in-depth analysis of WSDL requests…
Getting Started with the Acunetix Authentication Tester
The Authentication Tester is a tool that forms part of the Acunetix Manual Pen Testing Tools suite (available to download for free). The Authentication Tester allows you to test the strength of credentials used in HTTP authentication, as well as custom HTML form-based authentication by…
Getting Started with the Acunetix Blind SQL Injector
The Blind SQL Injector is a tool that forms part of the Acunetix Manual Pen Testing Tools suite (available to download for free). The Blind SQL Injector allows you to enumerate MySQL and MSSQL databases via a Blind SQL injection vulnerability. You can start using…