Start-up company Acunetix recently released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix WVS 2 crawls an entire website, launches popular web attacks (SQL Injection, Cross Site scripting etc.) and identifies vulnerabilities that need to be fixed.
Attackers are concentrating their efforts on web-based applications – 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.
“Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker’s prime target,” said Nick Galea, CEO of Acunetix. “Auditing one’s web apps should be the number one security concern.”
The need for an automated web application vulnerability scanner
Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What’s more, the security checks can easily be re-launched for each application update.
How Acunetix Web Vulnerability Scanner works
Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.
Automatically detects SQL injection, cross site scripting and other web vulnerabilities
SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors’ browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks.
Acunetix Web Vulnerability Scanner also checks for the following web attacks:
- CRLF injection attacks
- Code execution attacks
- Directory traversal attacks
- File inclusion attacks
- Input validation attacks
- Authentication attacks.
Advanced penetration testing toolsAcunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.
Pricing & availabilityAcunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit: .