Acunetix, a pioneer in web application scanning technology, today announced a new feature for its scanner: checks for vulnerabilities in file upload forms. This functionality is now available in Acunetix Web Vulnerability Scanner. The new feature, "file upload forms vulnerability checks", detects vulnerabilities in file uploads. After checking many web applications, the Acunetix team noted that a large number of well-known web applications do not have safe ways of uploading files, which results in unauthorized access to the company's web server. To prevent this, you need to check: the type of the uploaded file (MIME type), the file extension, .htaccess, the image header, and validation of data from the client side.
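A server-side version of the checks listed above, as an added example (not Acunetix code and not part of the original announcement). The allowlist, the function name `check_upload` and the sample inputs in the comments are assumptions constructed for illustration; every value arriving from the client (file name, declared MIME type, content) is re-validated on the server.

```python
import os

# Constructed allowlist: extension -> (expected MIME type, leading magic bytes).
ALLOWED = {
    ".png": ("image/png", b"\x89PNG\r\n\x1a\n"),
    ".jpg": ("image/jpeg", b"\xff\xd8\xff"),
    ".jpeg": ("image/jpeg", b"\xff\xd8\xff"),
    ".gif": ("image/gif", b"GIF8"),
}


def check_upload(filename, client_mime, data):
    """Return the reasons to reject an upload; an empty list means accept."""
    problems = []
    # Keep only the final path component; the client controls the whole string.
    name = os.path.basename(filename.replace("\\", "/")).strip()
    # Dotfiles such as .htaccess are server configuration, never user content.
    if name.startswith("."):
        problems.append("dotfile or server configuration name")
    parts = name.lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    if ext not in ALLOWED:
        problems.append("extension not on allowlist: %r" % ext)
        return problems
    # Some server handler mappings also look at inner extensions,
    # so a name like report.php.png (constructed) is refused outright.
    if len(parts) > 2:
        problems.append("multiple extensions")
    mime, magic = ALLOWED[ext]
    # The declared Content-Type is client-supplied: it must agree with the
    # extension, but agreement alone proves nothing about the content.
    if client_mime != mime:
        problems.append("declared MIME type does not match extension")
    # Image header check: the first bytes must match the claimed format.
    if not data.startswith(magic):
        problems.append("file header does not match extension")
    return problems


if __name__ == "__main__":
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8   # constructed sample content
    for args in [("photo.png", "image/png", png),
                 (".htaccess", "text/plain", b"# constructed"),
                 ("page.php", "image/png", png),
                 ("photo.png", "image/png", b"plain text, not an image")]:
        print(args[0], "->", check_upload(*args) or "accepted")
```

These checks reduce what an upload form will accept; storing uploads outside the web root under a server-generated name remains a separate measure that the function does not cover.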
Acunetix Web Vulnerability Scanner (WVS) works as follows:
* Acunetix WVS explores the forms and structure of the site, following all links it finds and collecting information on all detected files;
* Then the program tests all web pages that contain data entry elements, simulating data entry with all possible combinations and analyzing the results;
* When a vulnerability is discovered, Acunetix WVS displays an alert that describes the vulnerability and gives recommendations for resolving it;
* The final WVS report can be written to a file for further analysis and comparison with the results of previous audits.
Which vulnerabilities Acunetix Web Vulnerability Scanner detects

Acunetix Web Vulnerability Scanner automatically detects the following vulnerabilities:
* Cross site scripting (execution of a malicious script in the user's browser when visiting, and in the security context of, a trusted site);
* SQL injection (including blind injection, although so far it only finds the injection point and does not carry out the injection itself);
* GHDB (Google Hacking Database), a list of standard queries used by hackers to gain unauthorized access to web applications and websites;
* Code execution;
* Directory traversal;
* File inclusion;
* Script source code disclosure;
* CRLF injection;
* Cross frame scripting;
* Publicly accessible backup copies of files and folders;
* Files and folders containing important information;
* Files that contain information needed to carry out attacks (system logs, application trace logs, etc.);
* Files containing directory listings;
* Folders with a low level of protection that allow files to be created, modified or deleted.

It also identifies the server technologies in use (WebDAV, FrontPage, etc.) and whether potentially dangerous HTTP methods (PUT, TRACE, DELETE) are permitted.
New in this version:
* A login sequence recorder that supports numerous forms of authentication.
* An automatic session recognition module, with which the crawler detects when the session was interrupted or ended, and automatically logs in again.
* An Action drop-down menu that shows the functions available for the active item.
* Many more checks implemented for JSP, Java and Tomcat.

Key updates in the new version:
* Improved handling of cookies and sessions to support modern dynamic sites.
* Port Scanner and Network Alerts appear as a separate section from web alerts when viewing the results.
* The ability to import settings from a Version 6 installation.
* Added blind SQL injection testing that uses MySQL and the delay (waitfor) function of MS SQL. This helps detect specific blind SQL injections that do not produce any change in the web page.
Acunetix Web Vulnerability Scanner v9.0 Build 20130904