Web Vulnerability Scanner (WVS)
Acunetix Web Vulnerability Scanner is a highly customisable and regularly updated web application scanner which allows the tester to thoroughly check for a wide range of web application vulnerabilities, including pre-defined checks for:
- Cross-Site Scripting (XSS)
- SQL Injection
- Code Execution
- Directory Traversal
- File Inclusion
- Script Source Code Disclosure
- CRLF Injection
- Cross Frame Scripting (XFS)
- PHP Code Injection
- XPath Injection
- Full Path Disclosure
- LDAP Injection
- Cookie Manipulation
Acunetix also comes with built-in modules for:
- File and directory crawling and verification
- Google Hacking Database (GHDB) testing
In addition to its automated scanning engine, Acunetix includes advanced tools that let penetration testers fine-tune web application security checks:
- HTTP Editor - Construct HTTP/HTTPS requests by hand and analyse the web server's response.
- HTTP Sniffer - Intercept, log and modify all HTTP/HTTPS traffic and reveal all data sent by a web application.
- HTTP Fuzzer - Performs sophisticated testing for buffer overflows and input validation. Test thousands of input variables with the fuzzer's rule builder; tests that would take days to perform manually can be done in minutes.
- Web Vulnerability Editor - Create custom attacks or modify the existing ones.
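To make concrete what an HTTP fuzzer with signature matching actually does, here is an added example. It is my own illustration, not Acunetix code, and says nothing about how Acunetix implements its checks. The endpoint (http://target.example/search), the parameter name q, the payload lists and both request handlers are constructed for the example so it runs offline; the database error fragments are generic MySQL, MSSQL and Oracle strings. The fuzzer substitutes each payload into one parameter, sends the request, and flags the response when a detector matches: verbatim reflection of HTML metacharacters for XSS, a database error string for SQL injection.

```python
"""Toy HTTP parameter fuzzer with response-signature matching.
Added example, not Acunetix code. Targets are constructed in-process."""
import html
import re
from urllib.parse import parse_qs, urlencode, urlsplit

# --- constructed targets (hypothetical search endpoint) ----------------------

def _query_param(url: str, name: str) -> str:
    return parse_qs(urlsplit(url).query, keep_blank_values=True).get(name, [""])[0]

def vulnerable_target(url: str) -> tuple[int, str]:
    """Deliberately vulnerable: reflects 'q' into HTML unescaped and splices it
    into SQL text. The toy database fails on an unbalanced quote, which is the
    behaviour an error-based SQL injection probe relies on."""
    q = _query_param(url, "q")
    sql = f"SELECT * FROM items WHERE name = '{q}'"
    if sql.count("'") % 2:  # odd number of quotes: toy DB parse error
        return 500, f"<pre>You have an error in your SQL syntax near {html.escape(q)}</pre>"
    return 200, f"<html><body>Results for: {q}</body></html>"

def hardened_target(url: str) -> tuple[int, str]:
    """Same endpoint with both defects fixed: the value would be bound as a
    query parameter instead of concatenated, and it is HTML-escaped on output."""
    q = _query_param(url, "q")
    # A real handler would run: cursor.execute("SELECT * FROM items WHERE name = ?", (q,))
    return 200, f"<html><body>Results for: {html.escape(q)}</body></html>"

# --- fuzzer ------------------------------------------------------------------

SQL_ERROR_SIGNATURES = [  # generic DBMS error fragments (MySQL, MSSQL, Oracle)
    re.compile(r"error in your SQL syntax", re.I),
    re.compile(r"unclosed quotation mark", re.I),
    re.compile(r"\bORA-\d{5}\b"),
]

XSS_PAYLOADS = ["<script>alert(1)</script>", '"><img src=x onerror=alert(1)>']
SQLI_PAYLOADS = ["'", "' OR '1'='1"]  # second one is boolean-based: no error expected

def reflected_unescaped(payload: str, status: int, body: str) -> bool:
    # Probe text containing HTML metacharacters came back byte-for-byte.
    return payload in body

def database_error(payload: str, status: int, body: str) -> bool:
    return any(sig.search(body) for sig in SQL_ERROR_SIGNATURES)

CHECKS = {
    "xss": (XSS_PAYLOADS, reflected_unescaped),
    "sqli": (SQLI_PAYLOADS, database_error),
}

def fuzz_parameter(send, base_url: str, param: str, checks=CHECKS) -> list[dict]:
    """Send every payload of every check in `param` and collect findings.
    `send(url)` must return (status, body); here it is one of the toy targets,
    in practice it would perform the HTTP request."""
    findings = []
    for kind, (payloads, detector) in checks.items():
        for payload in payloads:
            url = f"{base_url}?{urlencode({param: payload})}"
            status, body = send(url)
            if detector(payload, status, body):
                findings.append({"param": param, "type": kind,
                                 "payload": payload, "status": status})
    return findings

if __name__ == "__main__":
    for name, target in [("vulnerable", vulnerable_target), ("hardened", hardened_target)]:
        print(name)
        for f in fuzz_parameter(target, "http://target.example/search", "q"):
            print(f"  {f['type']:5} HTTP {f['status']} payload={f['payload']!r}")
```

Two things worth noticing when you run it. The vulnerable handler yields three findings (two XSS, one SQL injection) but the boolean payload ' OR '1'='1 is never flagged, because it produces no error: signature matching only catches error-producing injections, and a real scanner layers differential and time-based checks on top for the blind cases. The hardened handler yields nothing, which is the regression check you want after a fix, and also a reminder that a clean fuzzer run is evidence only for the payloads and signatures you actually sent.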
Acunetix can also automatically fill in web forms and authenticate against web logins; most web vulnerability scanners cannot do this, or require complex scripting to test such pages.
Acunetix full trial: http://www.acunetix.com/vulnerability-scanner/download.htm
Acunetix free edition: http://www.acunetix.com/cross-site-scripting/scanner.htm
Installation:
Simply download, install and register.
Choose to install the Firefox plugin as well; a review of this can be found here.
Execution:
Two modes:
Wizard process:
- Select New Scan.
- Input a URL/IP, or browse to a new or saved target file.
- Acunetix automatically detects (or the user can specify) the target's server-side web technologies, to fully tailor and optimise the scan.
- Crawling Options - specify the verbosity level for site crawling.
- Scan Options - select a pre-defined (or user-created) profile and scanning mode, i.e. Quick, Extensive, Heuristic etc.
- Authentication Details - user-supplied credentials or a recorded login sequence.
- Finish (i.e. execute).
Manual:
- Select the specific tool.
- Input the required information, i.e. URL, authentication method, error codes etc.
- Select Start.

An explorer-style window details the site structure and any alerts found, with full descriptions of any vulnerabilities identified. Included within these are links to Acunetix knowledgebase articles and helpful web links to further resources.

Acunetix includes an extensive reporting module which can generate reports tailored to your client's requirements. The Compliance Report template is especially useful, allowing you to demonstrate compliance against the requirements of HIPAA, NIST, PCI, Sarbanes-Oxley and the recommendations of the Web Application Security Consortium Threat Classification.

Reports can be produced in a variety of formats including PDF, HTML, text, Word and BMP.
Summary:
An excellent tool and my Web Application Scanner of choice. Thoroughly extensible and with some excellent bespoke features missing from similar products. Definitely add this to your toolset!