Acunetix Releases Web Vulnerability Scanner

By Michael Hall | Jul 22, 2005 | Print this Page
http://www.enterprisenetworkingplanet.com/netos/article.php/3522416/Acunetix-Releases-Web-Vulnerability-Scanner.htm

Acunetix has released a tool to automatically audit website security. The software crawls websites launching popular Web-based attacks and identifying vulnerabilities.

According to the company, Web Vulnerability Scanner (WVS) crawls a given website, analyzing each file it retrieves. After its discovery stage, it performs an automatic audit for common security vulnerabilities.

Among the vulnerabilities the scanner looks for are SQL injection attacks, which modify SQL commands to gain unauthorized access to the data in a Web-connected database. It also scans for cross-site scripting attacks, which allow malicious people to execute scripts in a user's browser.

Other vulnerabilities WVS scans for include CRLF injection attacks, directory traversal attacks, input validation attacks, and authentication attacks. The software also includes an HTTP editor and sniffer that allow users to customize the vulnerability checks already included in WVS.

The software is available as an enterprise or as a consultant version. A subscription-based license can be purchased starting at $395, and perpetual licenses start at $2995.