Acunetix WVS (Web Vulnerability Scanner) automatically checks web applications for vulnerabilities such as SQL injection, cross-site scripting, arbitrary file creation/deletion, and weak password strength on authentication pages. It offers a comfortable GUI, the ability to create professional security audit and compliance reports, and tools for advanced manual web application testing.
From my experience with vulnerability scanners I would rate Acunetix as the best and my favourite, followed by AppScan Standard and then AppScan Enterprise.
Acunetix has a lot more functionality, which allows me to do more. Its customer support is very quick in responding and it is also the cheapest licence of the 3, but my opinion is only based on performance. (And no, I am not a sales person for Acunetix!!)
Basic Acunetix Scan
File > New > Web Site Scan
Scan Wizard will commence.
Input the Website URL > Next
Select the Scanning Profile & Settings > Next
It is also possible to select specific files once the crawl is complete, in case some are out of scope.
Fill in Target Information > Next
If the application contains a login mechanism create a new Login Sequence
Verify URL > Next
Enter the Login Credentials > Next
Verify Login was successful > Next
Select any Links that are out of scope or restricted > Next
Verify Login Sequence> Finish
Add any recommendations that are needed; if none are relevant, simply ignore > Finish
The scan will then commence.
Once the scan has completed, the Scan Results will appear as shown. Each issue is classified by severity: High, Medium, Low or Informational.
Acunetix Web Vulnerability Scanner (WVS) offers you the ability to choose specific types of attacks to run against a site.
Navigate to the Configuration > Scanning Profiles.
Click the “Create a new profile” button next to the Profile drop-down menu and enter a name for the new scanning profile.
Make sure that the new scanning profile is selected in the Profile drop-down menu and then configure the desired types of attack for the website.
Click “Save” next to the “Create a new profile” button to save the changes to the selected scanning profile.
The Site Crawler analyses a target website and builds the site structure using the information collected, including the site’s directories and files / objects.
Specify the desired URL and the Login Sequence if one is in place. Once the crawl is complete the results will be displayed as below:
Save the Scan
Crawler configuration settings can be modified by navigating to ‘Configuration > Scan Settings > Crawling Options’. The following Site Crawler options are available:
The Target Finder tool in Acunetix WVS is a port scanner which can be used to discover running web servers on a given IP or within a specified range of IPs.
To start a scan, enter a single IP or a range of IPs to be scanned, e.g. 192.168.0.1-100. If the web servers to be scanned are listening on non-default ports, add the port numbers to the ‘List of Ports’ entry field.
Discovered web servers are displayed in real time, as soon as they are found. The server type, hostname and server banner are also retrieved. HTTPS web servers are identified by a padlock icon.
Ping the URL to obtain its IP.
It is possible to manually crawl your website with Acunetix WVS using a web browser. From the links visited during that manual crawl it is then possible to build a website structure that will be targeted during the security scan. This is useful for scanning specific web applications that cannot be automatically crawled because of unusual coding.
Configure the proxy server for the desired browser (IE) as follows:
Open the website in the IE browser, start the HTTP Sniffer and manually move through the site; the Sniffer will capture all the requests and responses.
When finished, hit Stop.
It is possible to save the proxy log.
Select the location.
Once saved, import the log into the Crawler.
In the Site Crawler node, click the ‘Build Structure from HTTP Sniffer log’ button (highlighted in the above screen shot) to import the captured data into the Site Crawler.
It is also possible to import HTTP Sniffer logs into an already existing scan, or to import multiple HTTP Sniffer logs into the same crawl. To do so, simply tick the option “Merge the log(s) with the currently opened crawl results” in the HTTP Sniffer Log import window, as highlighted below.
Once the proxy log has been imported, select the Host > OK
Select Start and the results will be listed as below
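As an added illustration of what ‘Build Structure from HTTP Sniffer log’ does (this is example code written for this page, not Acunetix’s own code), the Python below turns a constructed, simplified request log into a site tree for one host, drops requests to out-of-scope hosts, and records the HTTP methods and query parameter names seen for each path. The log format (one “METHOD URL STATUS” entry per line) is an assumption, not the real sniffer format.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed sample of a captured browsing session, one "METHOD URL STATUS"
# entry per line. A simplified stand-in, not Acunetix's own log format.
SNIFFER_LOG = """\
GET http://app.example.test/ 200
GET http://app.example.test/login 200
POST http://app.example.test/login 302
GET http://app.example.test/account/profile?id=7&tab=main 200
GET http://app.example.test/account/settings 200
GET http://app.example.test/static/app.js 200
GET http://cdn.other.test/lib.js 200
"""

LINE_RE = re.compile(r"^(?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$")

def parse_log(text):
    """Yield (method, url, status) for each well-formed entry; skip the rest."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m["method"], m["url"], int(m["status"])

def build_structure(text, host):
    """Return (tree, methods, params) for one host: a nested dict of path
    segments, the HTTP methods seen per path and the query parameter names
    seen per path. Requests to other hosts are dropped as out of scope."""
    tree, methods, params = {}, defaultdict(set), defaultdict(set)
    for method, url, _status in parse_log(text):
        parts = urlsplit(url)
        if parts.hostname != host:
            continue
        segments = [s for s in parts.path.split("/") if s]
        node = tree
        for seg in segments:
            node = node.setdefault(seg, {})
        path = "/" + "/".join(segments)
        methods[path].add(method)
        for name, _ in parse_qsl(parts.query):
            params[path].add(name)
    return tree, dict(methods), dict(params)

def print_tree(node, indent=0):
    """Render the tree the way a crawler's site structure pane would show it."""
    for name, children in sorted(node.items()):
        print(" " * indent + name + ("/" if children else ""))
        print_tree(children, indent + 2)
```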
The HTTP Fuzzer enables you to launch a series of sophisticated fuzzing tests to audit the web application’s handling of invalid and unexpected random data. The HTTP Fuzzer also allows you to easily create input rules for further testing in Acunetix Web Vulnerability Scanner.
To create a Fuzzer filter, click on the ‘Fuzzer Filters’ button in the toolbar to open the filters dialog. To use a predefined filter template, select the rule template from the dropdown list; otherwise custom filters can be created by defining the following parameters:
- Rule description – A name to describe the rule
- Rule Type – Select whether a result matching the filter should be Included or Excluded from the results, or only logged in the ‘Activity Window’
- Apply To – Indicate where to search for the matching expression: the HTTP response headers, the body or the status code
- Regular expression – The regular expression or text that will be searched for to match the rule
From the Tools Explorer, select the ‘Authentication Tester’ node and specify the target URL in the ‘Target URL to test’ edit box.
Select ‘HTML form based’ as the authentication method to be used for the attack and click on ‘Select user/password form fields to use’.
Indicate the form field that represents the username by clicking on the field and then clicking the ‘Username’ button. Likewise, indicate the form field that represents the password by clicking on the field and then clicking the ‘Password’ button at the bottom of the window.
Acunetix must be told what a failed login page looks like so that it can recognise when a login has succeeded. Using a web browser, attempt to log in with wrong credentials to generate a login error and note down the text that indicates a login failure. Set ‘Logon has failed if’ to ‘Result contains’ and paste that text into the input box. Regular expressions can also be specified by choosing ‘Result matches regular expression’. Click ‘Start’ to launch the dictionary attack against the web form.
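Both the Fuzzer filter rules above (Rule Type, Apply To, Regular expression) and the Authentication Tester’s ‘Result contains’ / ‘Result matches regular expression’ check come down to classifying an HTTP response by matching a pattern against its status, headers or body. The Python below is an added example of that logic, written for this page rather than taken from Acunetix; the include/exclude/log semantics and the sample responses are assumptions, constructed here so it runs offline.

```python
import re
from dataclasses import dataclass

@dataclass
class FilterRule:
    description: str  # Rule description
    rule_type: str    # "include", "exclude" or "log"
    apply_to: str     # "headers", "body" or "status"
    pattern: str      # regular expression

def parse_response(raw):
    """Split a raw HTTP response into (status_code, header_block, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, _, headers = head.partition("\r\n")
    return int(status_line.split(" ", 2)[1]), headers, body

def rule_matches(rule, raw):
    """True if the rule's regex is found in the response part it applies to."""
    status, headers, body = parse_response(raw)
    target = {"headers": headers, "body": body, "status": str(status)}[rule.apply_to]
    return re.search(rule.pattern, target) is not None

def classify(rules, raw):
    """Return (keep, activity) for one response. Assumed semantics: when any
    include rule exists the result is kept only if one matches; a matching
    exclude rule always drops it; log rules only add an activity entry."""
    includes = [r for r in rules if r.rule_type == "include"]
    keep = not includes or any(rule_matches(r, raw) for r in includes)
    if any(rule_matches(r, raw) for r in rules if r.rule_type == "exclude"):
        keep = False
    activity = [r.description for r in rules
                if r.rule_type == "log" and rule_matches(r, raw)]
    return keep, activity

def login_failed(raw, mode, pattern):
    """Authentication Tester style check on the body: mode is 'contains' or 'regex'."""
    _, _, body = parse_response(raw)
    return pattern in body if mode == "contains" else re.search(pattern, body) is not None

# Constructed sample responses (not captured from any real application).
RESP_OK = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<p>Welcome back</p>"
RESP_ERR = "HTTP/1.1 500 Internal Server Error\r\nContent-Type: text/html\r\n\r\n<pre>Unhandled exception</pre>"
RESP_IMG = "HTTP/1.1 200 OK\r\nContent-Type: image/png\r\n\r\n\x89PNG"
RESP_FAIL = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<p>Invalid username or password</p>"

RULES = [
    FilterRule("server errors", "include", "status", r"^5\d\d$"),
    FilterRule("image responses", "exclude", "headers", r"Content-Type: image/"),
    FilterRule("verbose error page", "log", "body", r"(?i)exception|stack trace"),
]
```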
Acunetix has the capability to export results as AVDL, XML and in a format for Imperva WAF.
Acunetix Web Vulnerability Scanner Reporter is a standalone application that allows you to generate reports for the security scans performed using Acunetix Web Vulnerability Scanner. The Reporter can be launched after completing a scan, or from the Acunetix Web Vulnerability Scanner program group, and can be used to generate various types of reports, including developer reports, executive reports, compliance standard reports, or a report that compares the results of two scans.
Each type of report also contains its own Report Wizard to help.
Hit Generate Report.
Click ‘Yes’ to import the scan into the database.
Saving a report automatically saves it as a .pre file that can only be opened within Acunetix.
Acunetix does allow for multiple formats when saving.