Acunetix version 12 (build 12.0.181218140 – Windows and Linux) has been released. This new build checks for vulnerabilities in Apache Solr, Apache mod_jk, ColdFusion, ACME mini_httpd and Spring Security. The new build also includes a number of updates and important fixes. The new vulnerability checks, updates…
Why Scoping Cookies to Parent Domains is a Bad Idea
When dealing with Web Application vulnerability assessments, it is very common to come across scenarios where for various reasons (business or otherwise) users decide to focus entirely on Medium or High severity vulnerabilities such as SQL Injection and XML External Entity Injection. As a result,…
What is Web Cache Poisoning?
How does Caching work? All forms of caching in computer science, whether CPU cache, HTTP web server cache, database cache and so on, aim to speed up response times for whatever is requested. Doing so helps reduce load as much as possible on…
Which Linux distributions can Acunetix be installed on?
Acunetix has been tested on the following Linux distributions: Ubuntu Desktop/Server 16.0.4 LTS or higher; Suse Linux Enterprise Server 15 and openSUSE Leap 15.0. Acunetix may work on other Linux distributions. For example, we have a number of Acunetix users who installed Acunetix on Kali…
What is the difference between Acunetix for Windows and Acunetix for Linux?
The main difference is in the way that Acunetix is installed. The Windows version can be installed using the GUI installer, while the Linux version can be installed from Terminal. The Acunetix web UI is the same on Windows and Linux, and the same functionality…
New build updates DeepScan and LSR, introduces support for Swagger and Kerberos Auth
Acunetix version 12 (Windows build 12.0.181203110, Linux build 12.0.181204095) has been released. This new build includes updates to DeepScan and Login Sequence Recorder (LSR). It also introduces support for Swagger and Kerberos HTTP Authentication in the Windows version and introduces support for NTLM HTTP Authentication…
Paul’s Security Weekly Episode: Insecure Deserialization in Java/JVM
Aleksei Tiurin, Senior Security Researcher at Acunetix, joins Paul’s Security Weekly to talk us through “Insecure Deserialization in JAVA/JVM”! After initial extensive research in 2015, Insecure Deserialization has been a very hot topic in the Java-world. More and more deserialization vulnerabilities are found again and…
Winmill Software showcase Acunetix at NYC Infosec
Acunetix Expert Partners Winmill Software were present at the 2018 Infosecurity event held in New York City on 14-15 November at the Javits Convention Centre. Winmill Software Senior Account Manager David Stone and Erika Beck, Sales Executive, were in attendance.
How To Clean A Hacked Installation of Nginx
There are literally hundreds of ways to secure and harden an Nginx server after an attack. But what does it REALLY need to be clean and secure? What are the essential changes you have to make to feel secure again? To answer that question, we’ll have…