Acunetix Web Vulnerability Scanner version 10 (build 20150707) has been updated to include new vulnerability checks, including the detection of Same Origin Method Execution, XSLT Injection, Blind Out-of-band Remote Code Execution and Blind Out-of-band SQL Injection. This build also includes various updates to the new…
Tag Archives: wvs
Blind Out-of-band SQL Injection vulnerability testing added to AcuMonitor
Acunetix AcuMonitor is a free intermediary service that helps detect second-order vulnerabilities (i.e. vulnerabilities that do not provide a response to a scanner during testing) during a scan. AcuMonitor made its debut with Acunetix WVS version 9. Since then, we’ve continuously improved the service and…
Increased support for REST, Java and Ruby on Rails testing
Acunetix WVS v10 improves its support for crawling and identifying vulnerabilities in various web technologies. This is the result of feedback gathered during the past months from our user base. Keeping abreast of updates to web technologies is of utmost importance, as it allows Acunetix to…
VIDEO: Acunetix Quick Start Guide
Welcome to the Acunetix Quick Start Guide. This short guide covers how to launch a scan, analyze the scan results and create a report. For further information and help, please visit https://www.acunetix.com/support
XML external entity injection via REST APIs
The new version of Acunetix Web Vulnerability Scanner comes with improved support for scanning REST APIs. When Acunetix WVS finds a REST API definition (via a WADL file or from Acunetix DeepScan), it also scans this API resource for XML external entity injection vulnerabilities. If…
How to scan REST APIs using Acunetix WVS version 10
In this blog post I’m going to describe 3 different ways to scan REST APIs using the new version 10 of Acunetix Web Vulnerability Scanner. 1. REST API automatically discovered via Acunetix DeepScan Let’s start with a simple web application that is using REST. It…
Improved support for Ruby on Rails web applications
Aside from better scanning of Java/J2EE web applications, Acunetix WVS version 10 comes with improved support for web applications built using the popular framework Ruby on Rails. A lot of new Rails-specific tests were added in the new version. For example, many Rails developers…
Better scanning of Java / J2EE web applications
With the release of Acunetix WVS version 10, we’ve introduced a lot of improvements to how we test Java web applications. Java web applications are notoriously hard to scan automatically for many reasons, the most important one being session management. This type of application will…
BASH Vulnerability leaves IT Experts Shell Shocked!
Yesterday, a critical vulnerability was reported in GNU Bash. Bash is the Bourne Again Shell that is installed on all Linux distributions. The vulnerability is related to the way environment variables are parsed before running the BASH shell. It is possible to create environment variables that include…