Acunetix Web Vulnerability Scanner version 10 (build 20150707) has been updated to include new vulnerability checks, including the detection of Same Origin Method Execution, XSLT Injection, Blind Out-of-band Remote Code Execution and Blind Out-of-band SQL Injection. This build also includes various updates to the new…
XML external entity injection via REST APIs
The new version of Acunetix Web Vulnerability scanner comes with improved support for scanning REST APIs. When Acunetix WVS finds an REST API definition (via a WADL file or from Acunetix DeepScan) it also scans this API resource for XML external entity injection vulnerabilities. If…
How to scan REST APIs using Acunetix WVS version 10
In this blog post I’m going to describe 3 different ways to scan REST APIs using the new version 10 of Acunetix Web Vulnerability Scanner. 1. REST API automatically discovered via Acunetix DeepScan Let’s start with a simple web application that is using REST. It…
Improved support for Ruby on Rails web applications
Aside from better scanning of Java/J2EE web applications, Acunetix WVS version 10 comes with improved support for web applications built using the popular framework Ruby on Rails. A lot of new Rails specific tests were added in the new version. For example, many Rails developers…
Better scanning of Java / J2EE web applications
With the release of Acunetix WVS version 10, we’ve introduced a lot of improvements on how we test Java web applications. Java web applications are notoriously hard to scan automatically for many reasons, the most important one being session management. This type of application will…
Delegate tasks, limit access and stay in control with Acunetix OVS Multi-User Access
A new feature to the online version of Acunetix – Acunetix Online Vulnerability Scanner (OVS) now allows the owner of an account to create child users, delegating vulnerability scanning and reporting tasks to other users and at the same time auditing their actions. This increased…
Acunetix OVS Update, Spots Vulnerabilities with Military Precision
An important update has just been rolled out to Acunetix Online Vulnerability Scanner (OVS) which includes 2 features unique to Acunetix – AcuSensor and AcuMonitor. Both technologies have been successfully used in Acunetix WVS to enhance scan results by improving vulnerability detection and detecting difficult…
Acunetix WVS v9.5 build 20140902 detects Hibernate Query Injection, Format Strings and more
Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format strings vulnerabilities, MySQL username disclosure and others, including some, in well-known web applications. This new build also optimises existing checks, including its…
Acunetix WVS v9.5 build 20140602 includes new vulnerability checks for popular web applications and platforms
Acunetix Web Vulnerability Scanner version 9.5, build 20140602, identifies new vulnerabilities in Google Web Toolkit™, Joomla!, Parallels Plesk, nginx, and a number of WordPress plugins including the popular All in One SEO plugin. The following is the full list of updates included in this release….