Login Contact Us Toll Free 888-891-8885
m



ALLIANCE SECURE SOLUTIONS
Acunetix Web Vulnerability Scanner



Acunetix Preferred Partner, Acunetix Reseller - Acunetix Web Vulnerability Scanner

Purchase Acunetix Now -  Buy Acunetix


Subscribe to our feeds
Alliance RSS Feed - Alliance Deal Wire
Twitter Home Page
Linked In Company Profile
Veeam Software Blog - Buy Veeam
   


Acunetix Web Vulnerability Scanner

Acunetix Web Vulnerability Scanner is a tool designed to discover security holes in web applications that attackers could abuse to gain access to a business' systems and data. With Acunetix WVS websites can be regularly checked for vulnerabilities such as SQL injection and Cross Site Scripting. The scanner ships with many innovative features such as: AcuSensor Technology, automatic JavaScript analyzer, Visual macro recorders and extensive reporting facilities, which include various compliance reports.



Audit your website security with
Acunetix Web Vulnerability Scanner?
As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists.  Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases and also allow hackers to perform illegal activities using the attacked site. A victim’s website can be used to launch criminal activities such as hosting phishing sites or to transfer illicit content, while abusing the website’s bandwidth and making its owner liable for these unlawful acts.
Firewalls, SSL and locked-down servers
are futile against web application hacking!
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.

Find out if your web site is secure before hackers download sensitive data, commit a crime using your web site as a launch pad, and endanger your business. Acunetix Web Vulnerability Scanner crawls your web site, automatically analyzes your web applications and finds perilous SQL injection, Cross Site Scripting and other vulnerabilities that expose your on line business. Concise reports identify where web applications need to be fixed, thus enabling you to protect your business from impending hacker attacks!
Acunetix - a world-wide leader in web application security
Acunetix has pioneered the web application security scanning technology: Its engineers focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection.

Acunetix Web Vulnerability Scanner includes many innovative features:
• An automatic Javascript analyzer allowing for security testing of Ajax and Web 2.0 applications
• Industry’s most advanced and in-depth SQL injection and Cross site scripting testing
• Visual macro recorder makes testing web forms and password protected areas easy
• Extensive reporting facilities including VISA PCI compliance reports
• Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
• Intelligent crawler detects web server type and application language
• Acunetix crawls and analyzes websites including flash content, SOAP and AJAX
• Innovative AcuSensor Technology that allows accurate scanning for many vulnerabilities
• Port scanning and network alerts against the web server for complex security checks


Key features of Acunetix Web Vulnerability Scanner

Acunetix Web Vulnerability Scanner automatically detects the following vulnerabilities in web applications:
• Cross site scripting
• SQL injection
• CRLF injection
• Code execution
• Directory traversal
• File inclusion
• Script source code disclosure
• Discovers files/directories that may contain sensitive information
• Looks for common files (such as logs, application traces, CVS web repositories), back-up files or directories
• Finds directory listings
• Discovers directories with weak permissions
• Discovers available web server technologies (such as WebDAV, FrontPage, etc.)
• Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
• Inspects the HTTP version banners and looks for vulnerable products
• Tests password strength of applications.

Extend attacks:
• With Acunetix Web Vulnerability Scanner, you can construct HTTP/HTTPS requests and analyze the responses using the HTTP editor.

Connection spy:
• By enabling you to log, intercept and modify all HTTP/HTTPS traffic, Acunetix Web Vulnerability Scanner gives you an in-depth insight into what data your web application is sending.

Test password strength:
• To test the strength of your passwords, you can perform a dictionary attack on basic HTTP, NTLM or form-based authentication.

Test database editor:
• Acunetix Web Vulnerability Scanner includes a text database editor that permits you to add additional attacks to the test database (Enterprise & Consultant versions only).

Supports all major web technologies:
• Applications utilizing CGI, PHP, ASP, ASP.NET can all be tested for vulnerabilities.

Scanning profiles:
• Acunetix Web Vulnerability Scanner allows you to quickly scan sites with different options and identities.

Reporting:
• You can save scan sessions to MS SQL Server/Access databases and generate complex reports from previous scan sessions using information stored in the database.

Requirements:
• 128 MB of RAM (256MB or higher recommended)
• 200 MB of available hard-disk space
• Microsoft Internet Explorer 5.1 (or higher)
• Microsoft SQL Server / Access if database is enabled (optional)


New security checks:
• 8.3 DOS filename source code disclosure
• Apache Tomcat Directory Host Appbase authentication bypass vulnerability
• Apache Tomcat WAR File directory traversal vulnerability
• Apache stronghold-info enabled
• Apache stronghold-status enabled
• ColdFusion 9 Solr Service exposed
• Error page path disclosure
• Error page web server version disclosure
• File inclusion RFI list
• Checks for multiple vulnerabilities in XAMPP
• Server-Side Includes (SSI) injection on Unix
• Server-Side Includes (SSI) injection on Windows
• ASP.NET error messages when requesting URL like |.aspx

Improvements:
• Added more variants to FCKeditor arbitrary file upload
• Updated cross site scripting in path security checks
• Updated directory listing security checks
• Updated directory traversal on Unix security checks
• Updated file upload security checks
• Updated LDAP injection security checks
• Updated possible sensitive files security checks
• Updated XPath injection security checks ...



Have Questions?  Call our experts at 888-891-8885 option 3 or e-mail us at
sales@alliancetechpartners.com