Acunetix Web Vulnerability Scanner (WVS) 6.5 Released


You may remember a while back we did a Review of Acunetix Web Vulnerability Scanner 6 – the very full featured web vulnerability scanning software.

Acunetix

Well the latest version has been released recently with some updates, bug fixes and improvements on the web application security front.

I’m hoping to try out the AcuSensor on a PHP install soon to see what kind of information it can give me.

A full review isn’t really need as the installation, interface and features are mostly the same as version 6.

Acunetix Web Vulnerability Scanner (WVS) 6.5

One of the great new features is the Login Sequence Recorder (LSR), which can record the exact sequence needed to login to a site and replay it.


Acunetix WVS Login Sequence Recorder

Combine this with the Session Auto Recognition module, which will identify when a logged in session is invalided or expired and will re-login automatically and you have a great tool for scanning authentication based web applications.

There is also a lot more support for JSP/Tomcat based application, I haven’t had chance to test this as I don’t deal with many Java based web applications.

Also included are some back-end and interface changes like the display of port scan & network alerts separately from the web alerts, which does make it easier to see where the issues are.

Scanning Interface

Backend stuff like cookie handling and Blind SQL Injection methods have been improved, you can also import your settings from Version 6 if you are currently using that.

You can read the press release here, or more on the blog here.

The pricing can be found here (in both Euros and USD).

If you want to know more about the features you can download the manual here:

Acunetix WVS 6.5 Manual [PDF]

Posted in: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

, , , , , , , , , , , , , , ,


Latest Posts:


Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.
SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.


2 Responses to Acunetix Web Vulnerability Scanner (WVS) 6.5 Released

  1. ethicalhack3r June 19, 2009 at 6:40 pm #

    If only I had

  2. jon August 5, 2009 at 2:17 pm #

    did you test the acusensor on php apps? not working for me.