Acunetix Web Vulnerability Scanner
Audit your website security with
Acunetix Web
Vulnerability Scanner?
As
many as 70% of web sites have vulnerabilities that could
lead to the theft of sensitive corporate data such as credit
card information and customer lists. Hackers are
concentrating their efforts on web-based applications -
shopping carts, forms, login pages, dynamic content, etc.
Accessible 24/7 from anywhere in the world, insecure web
applications provide easy access to backend corporate
databases and also allow hackers to perform illegal
activities using the attacked site. A victims website can
be used to launch criminal activities such as hosting
phishing sites or to transfer illicit content, while abusing
the websites bandwidth and making its owner liable for
these unlawful acts.
Acunetix Web
Vulnerability Scanner?
Firewalls, SSL and locked-down servers
are futile against web application hacking!
Web
application attacks, launched on port 80/443, go straight
through the firewall, past operating system and network
level security, and right in to the heart of your
application and corporate data. Tailor-made web applications
are often insufficiently tested, have undiscovered
vulnerabilities and are therefore easy prey for hackers.are futile against web application hacking!
Find out if your web site is secure before hackers download sensitive data, commit a crime using your web site as a launch pad, and endanger your business. Acunetix Web Vulnerability Scanner crawls your web site, automatically analyzes your web applications and finds perilous SQL injection, Cross Site Scripting and other vulnerabilities that expose your on line business. Concise reports identify where web applications need to be fixed, thus enabling you to protect your business from impending hacker attacks!
Acunetix - a world-wide leader in web application
security
Acunetix has
pioneered the web application security scanning technology:
Its engineers focused on web security as early as 1997 and
developed an engineering lead in web site analysis and
vulnerability detection.Acunetix Web Vulnerability Scanner includes many innovative features:
An automatic Javascript analyzer allowing for security testing of Ajax and Web 2.0 applications
Industrys most advanced and in-depth SQL injection and Cross site scripting testing
Visual macro recorder makes testing web forms and password protected areas easy
Extensive reporting facilities including VISA PCI compliance reports
Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
Intelligent crawler detects web server type and application language
Acunetix crawls and analyzes websites including flash content, SOAP and AJAX
Innovative AcuSensor Technology that allows accurate scanning for many vulnerabilities
Port scanning and network alerts against the web server for complex security checks
Key features of Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner automatically detects the following vulnerabilities in web applications:
Cross site scripting
SQL injection
CRLF injection
Code execution
Directory traversal
File inclusion
Script source code disclosure
Discovers files/directories that may contain sensitive information
Looks for common files (such as logs, application traces, CVS web repositories), back-up files or directories
Finds directory listings
Discovers directories with weak permissions
Discovers available web server technologies (such as WebDAV, FrontPage, etc.)
Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
Inspects the HTTP version banners and looks for vulnerable products
Tests password strength of applications.
Extend attacks:
With Acunetix Web Vulnerability Scanner, you can construct HTTP/HTTPS requests and analyze the responses using the HTTP editor.
Connection spy:
By enabling you to log, intercept and modify all HTTP/HTTPS traffic, Acunetix Web Vulnerability Scanner gives you an in-depth insight into what data your web application is sending.
Test password strength:
To test the strength of your passwords, you can perform a dictionary attack on basic HTTP, NTLM or form-based authentication.
Test database editor:
Acunetix Web Vulnerability Scanner includes a text database editor that permits you to add additional attacks to the test database (Enterprise & Consultant versions only).
Supports all major web technologies:
Applications utilizing CGI, PHP, ASP, ASP.NET can all be tested for vulnerabilities.
Scanning profiles:
Acunetix Web Vulnerability Scanner allows you to quickly scan sites with different options and identities.
Reporting:
You can save scan sessions to MS SQL Server/Access databases and generate complex reports from previous scan sessions using information stored in the database.
Requirements:
128 MB of RAM (256MB or higher recommended)
200 MB of available hard-disk space
Microsoft Internet Explorer 5.1 (or higher)
Microsoft SQL Server / Access if database is enabled (optional)
New security checks:
8.3 DOS filename source code disclosure
Apache Tomcat Directory Host Appbase authentication bypass vulnerability
Apache Tomcat WAR File directory traversal vulnerability
Apache stronghold-info enabled
Apache stronghold-status enabled
ColdFusion 9 Solr Service exposed
Error page path disclosure
Error page web server version disclosure
File inclusion RFI list
Checks for multiple vulnerabilities in XAMPP
Server-Side Includes (SSI) injection on Unix
Server-Side Includes (SSI) injection on Windows
ASP.NET error messages when requesting URL like |.aspx
Improvements:
Added more variants to FCKeditor arbitrary file upload
Updated cross site scripting in path security checks
Updated directory listing security checks
Updated directory traversal on Unix security checks
Updated file upload security checks
Updated LDAP injection security checks
Updated possible sensitive files security checks
Updated XPath injection security checks ...
Have Questions? Call our experts at 888-891-8885 option 3 or e-mail us at sales@alliancetechpartners.com