URL rewrite (ex. mod_rewrite) is a common technology which is enabled on a web server to change the format of the URL being requested on the fly, for search engine crawling purposes. Common example: http://testasp.vulnweb.com/showthread.asp?id=1 can be rewritten automatically into: http://testasp.vulnweb.com/showthread.asp/id/1 ?id=1 is a parameter…
How can I define my own URL rewrite rules?
When used by a website, URL rewrite rules need to be defined in Acunetix WVS to instruct the Crawler on how to recognize rewritten URLs, otherwise some URLs will be misinterpreted as directories — which will result in an incorrect scan. In this FAQ we…
Why isn’t my website’s web technology listed in the scan wizard?
Acunetix WVS is designed to perform a web security scan by using a web application as an exploitable front-end, through which it can make contact with a web server. This approach ensures that WVS does not rely on specific compatible web-servers or web technology for…
Easy Tips to Increase Your Blog Security
Blog security is a hot topic among today’s online community. If you own a blog, you want a regular supply of visitors and it’s up to you to keep them safe. Some people panic when they find technical security solutions which they can’t understand; but…
Acunetix Web Vulnerability Scanner 8 BETA Available Now
Note: This is no longer available. Click here to download a 14-day free trial of the latest version of Acunetix. The next stage in the evolution of Acunetix Web Vulnerability Scanner has arrived — WVS 8 BETA! Many of you have been biting their nails…
Acunetix Reseller Jacadis to Sponsor ISACA Security Conference
On the 5th of December 2011, the Pittsburgh chapter of ISACA will be hosting a one-day “Information Technology Audit & Control” Conference; with Acunetix reseller Jacadis — specialists in network and web security — as one of the gold corporate sponsors for the event aimed at IT auditors,…
Don’t Forget Your Marketing Website Security
I recently read about a marketing agency that experienced a security breach and subsequent defacement of its customers’ websites. Apparently their developers had misconfigured the web server and unknowingly gave the whole world access to change any and all content at will. What interested me…
Why people violate security policies
Many organizations have a formal set of information security policies covering everything from acceptable internet usage to security in software development to web application security. In fact, it’s hard to come across a business today that doesn’t have at least a policy or two in…
Not All Web Vulnerability Scans Are Created Equal
Recently a client of mine sent over the results of a web vulnerability scan that one of their customers had run against their production web environment. My client was curious why the results of this third-party scan were different from my findings just a few…