Some time ago, I joined a bug bounty program of a household name brand, who shall remain anonymous throughout this article. This write-up documents a journey of finding and exploiting SQL injection in some unexpected places. To get started, I randomly chose one of the…
Chunghwa Telecom secures over 100 websites with Acunetix
Chunghwa Telecom, Taiwan’s largest integrated telecommunications services company, with over 12,000 employees and 100 websites, has been using Acunetix since 2009 to protect both their internal critical websites and customer systems. After analysing both HP Webinspect and IBM AppScan, Chunghwa Telecom found Acunetix to be…
Acunetix Vulnerability Testing Report 2017
Each year the Acunetix Team compiles a vulnerability testing report based on data from Acunetix Online. This third Vulnerability Testing Report contains data and analysis of vulnerabilities detected by Acunetix throughout the period of March 2016 to March 2017, illustrating the state of security of…
Simple to use security scan in the cloud – Video
Security breaches are the most common issues that company IT departments in all sectors look out for. Companies are taking extensive measures to address threats and create value by running their software in the cloud (63% according to a 2016 PWC report). Performing a regular…
Major Update of Acunetix Online out now!
Acunetix Online has undergone a mammoth update, now enjoying all the features and benefits found in Acunetix On-Premises, including integrated vulnerability management, greater manageability of threats and targets, and the integration of popular WAFs and issue tracking systems. Acunetix Online also features a brand new…
Port scanning with Server Side Request Forgery (SSRF)
As a pen-tester, there are going to be situations where you will be asked to provide evidence of the seriousness of a vulnerability that has been identified. There is ample documentation on how to do this for the more common vulnerabilities such as Cross-site Scripting…
Acunetix receives highest score for “Penetration Testing” Use Case
Gartner’s 2017 Critical Capabilities for Application Security Testing Report: Gartner, Inc., the leading provider of research and analysis on the global information technology industry, has recognised Acunetix as a Challenger in the February 2017 Magic Quadrant for Application Security Testing (AST), and has given Acunetix the…
Acunetix Jenkins Plugin provides DevOps with on the spot identification of web vulnerabilities
Continuous Integration is a software development practice which involves the frequent merging, or integration, of work from different developers on a team. Not only does CI help eliminate tedious and error-prone work, but it also reduces the chance of bugs – including web vulnerabilities. With…
Start using Acunetix v11 with Acunetix Quick Start Guide
The Acunetix Quick Start Guide Video is a short guide covering basic steps to get you started using Acunetix v11. Learn how to launch a scan, analyze the scan results and create a report. Find your way around the new web-based user interface re-engineered from…