Acunetix Web Vulnerability Scanner 7.0 Incl Activator | 17,2 Mb
Audit your website security with Acunetix Web Vulnerability Scanner
As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists.
Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases and also allow hackers to perform illegal activities
using the attacked site. A victim’s website can be used to launch criminal activities such as hosting phishing sites or to transfer illicit content, while abusing the website’s bandwidth and making its owner liable for these unlawful acts.
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right into the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.
Find out if your web site is secure before hackers download sensitive data, commit a crime using your web site as a launch pad, and endanger your business. Acunetix Web Vulnerability Scanner crawls your web site, automatically analyzes your web applications and finds perilous SQL injection, Cross site scripting and other vulnerabilities that expose your on line business. Concise reports identify where web applications need to be fixed, thus enabling you to protect your business from impending hacker attacks!
Acunetix - a world-wide leader in web application security
Acunetix has pioneered the web application security scanning technology: Its engineers focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection.
Acunetix Web Vulnerability Scanner includes many innovative features:
- An automatic Javascript analyzer allowing for security testing of Ajax and Web 2.0 applications
- Industry’s most a dvanced and in-depth SQL injection and Cross site scripting testing
- Visual macro recorder makes testing web forms and password protected areas easy
- Extensive reporting facilities including VISA PCI compliance reports
- Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
- Automate File Upload Forms vulnerability testing
- Acunetix crawls and analyzes websites including flash content, SOAP and AJAX
- Innovative AcuSensor Technology that allows accurate scanning for many vulnerabilities
- Port scanning and network alerts against the web server for complex security checks
- Version Check
- Vulnerable Web Servers
- Vulnerable Web Server Technologies – such as “PHP 4.3.0 file disclosure and possible code execution.
- Web Server Configuration Checks
- Checks for Web Servers Problems – Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
- Verify Web Server Technologies
- Parameter Manipulation
- Cross-Site Scripting (XSS) – over 40 different XSS variations are tested.
- SQL Injection
- Code Execution
- Directory Traversal
- File Inclusion
- Script Source Code Disclosure
- CRLF Injection
- Cross Frame Scripting (XFS)
- PHP Code Injection
- XPath Injection
- Path Disclosure (Unix and Windows)
- LDAP Injection
- Cookie Manipulation
- Arbitrary File creation (AcuSensor Technology)
- Arbitrary File deletion (AcuSensor Technology)
- Email Injection (AcuSensor Technology)
- File Tampering (AcuSensor Technology)
- URL redirection
- Remote XSL inclusion
- Blind SQL/XPath Injection
- Checks for Backup Files or Directories - Looks for common files (such as logs, application traces, CVS web repositories)
- Cross Site Scripting in URI
- Checks for Script Errors
- Unrestricted File uploads Checks
- Looks for Common Files (such as logs, traces, CVS)
- Discover Sensitive Files/Directories
- Discovers Directories with Weak Permissions
- Cross Site Scripting in Path and PHPSESSID Session Fixation.
- Web Applications
- HTTP Verb Tampering
- Directory Listings
- Source Code Disclosure
- Check for Common Files
- Check for Email Addresses
- Microsoft Office Possible Sensitive Information
- Local Path Disclosure
- Error Messages
- Trojan shell scripts (such as popular PHP shell scripts like r57shell, c99shell etc)
- Weak HTTP Passwords
- Over 1200 GHDB Search Entries in the Database
- Port scans the web server and obtains a list of open ports with banners
- Performs complex network level vulnerability checks on open ports such as:
- DNS Server vulnerabilities (Open zone transfer, Open recursion, cache poisoning)
- FTP server checks (list of writable FTP directories, weak FTP passwords, anonymous access allowed)
- Security and configuration checks for badly configured proxy servers
- Checks for weak SNMP community strings and weak SSL cyphers
- and many other network level vulnerability checks!
- Input Validation
- Authentication attacks
- Buffer overflows
- Blind SQL injection
- Sub domain scanning
0 comments:
Post a Comment