Attacks on applications, starting at ports 44/80, going straight to the firewall, crossing the operating system and network-level security, targeting exactly the heart of application and corporate data. This is most commonly seen in custom web applications, which usually do not have enough testing and the vulnerabilities are unknown. Acunetix is a web application security scanning technology that was first developed in early 1997.
Today, more than 70% of websites in the world are vulnerable, which can lead to the theft of sensitive corporate information such as credit card information and customer lists. Hackers are now focusing their efforts on web-based applications - such as shopping sites, forms, login pages, sites with dynamic content, etc., so 7 * 24 access from anywhere in the world to applications Insecure provides easy access to the database associated with it.
Acunetix security scanner features
- AcuSensor technology
- Perform the most advanced and in-depth SQL injection and cross site scripting tests
- Advanced intrusion testing tools such as HTTP Editor, HTTP Fuzzer, HTTP sniffer and Blind SQL Injector
- An intuitive macro recorder that simplifies testing on web forms and password protected areas.
- Supports pages with CAPTCHA, single sign-on and dual authentication mechanisms
- Extensive reporting capabilities including PCI compliance reports
- Multi-processing and fast scanners make it easy to process thousands of pages quickly.
- The existence of smart crawlers that detects the type of web server, application language, and sites with smart phones.
- Acunetix searches and reviews various types of websites including HTML5, SOAP and AJAX.
- Perform a web server scan and perform security checks on network services on the server
- Test for poor passwords on FTP, IMAP, SQL server, POP3, SOCKS, SSH, Telnet and other DNS server vulnerabilities such as Open Zone Transfer, Open Recursion, Cache poisoning
- Perform FTP access tests such as when anonymous access is available, and there are writable FTP directories
- Security checks for weak configured proxy servers
- Checking for weak SNMP Community String
- Check for weak SSL ciphers
- HTTP Parameter Pollution (HPP) vulnerability detection
- Supports specific HTTP headers in automatic scans
- Comparison of each scan with the previous scan
- Identify directories with weak permissions and if dangerous HTTP methods are enabled
- Create a list of unusual HTTP responses such as internal server error, HTTP 500, and more
- List of false positives
- Web server configuration security audit
- Automated File Upload Forms Vulnerability Testing
- Ability to re-scan specific vulnerabilities
How to work Acunetix security scanner
The search part of this software consists of two parts
CrawlingIn this section, the scanner automatically generates a web site review of the program
Scanning At this point, if it does, it will perform a web search on the Web site you created in Previous Step and check the location and vulnerability of that website.
After the test, Acunetix warning messages are one of four modes:
information alerts for example, that useful business websites are such as threatening email addresses.
Security alerts arise due to the lack of data encryption or the availability of directory servers.