17 February 2012

[Tool] Acunetix Web Vulnerability Scanner 8


Bài viết liên quan:


Additionally, Acunetix WVS 8 takes vulnerability scanning to a new level by integrating smarter and more reliable automated features, making it quicker to launch a scan with less configuration required.

“Acunetix WVS 8 continues to set new standards for web vulnerability scanners. Web security exploit statistics are steadily on the rise — unfortunately not in favor of website owners — which is why version 8 of WVS focuses on providing a comprehensive solution to anyone wanting to make their online presence a safe one. Acunetix WVS 8′s high performance scanning engine provides even more accurate exploit detection, and coupled with the new automation enhancements securing a web application has never been easier. WVS 8 makes it clear why Acunetix is the number one choice for companies to audit and secure their websites.”

Mr. Nick Galea | Acunetix CEO
New feature showcase:

An automated web scanner that thinks like a hacker

* Manipulation of inputs from URLs:
Acunetix WVS can automatically identify URL parameters and manipulate them to detect vulnerabilities. This technology is not present in any other competing vulnerability scanner.

Replace manual intervention with scanner intelligence

* Automatic custom 404 error page identification:
Acunetix WVS 8 can automatically determine if a custom error page is in use, and recognizes it without needing any recognition patterns to be configured before the scan.

Interpret IIS 7 rewrite rules automatically

Using the web application’s web.config file, WVS 8 can automatically interpret rewrite rules without requiring any manual input.

Fix vulnerabilities while locking hackers out

* Imperva Web Application Firewall integration:
An exciting co-operation between Imperva and Acunetix; WVS 8 scan results can be imported into an Imperva Web Application Firewall and interpreted automatically as firewall rules.

Use WVS 8 as a true security scanning workhorse

* Multiple instance support:
Acunetix WVS 8 can be relaunched as multiple instances on the same machine, allowing the user to scan multiple websites enabling further support for multi-user scenarios on the same server/workstation.

Re-scan without re-configuring

* Scan settings templates:
WVS 8 can save the settings for the scan of a specific application as a template, making it quick and easy to recall those exact settings for the same application each time it is scanned. This is particularly useful when auditing multiple sites, enabling the user to load the template for each site instead of re-configuring everything manually.

Launch a scan quicker than before

* Simplified Scan Wizard:
In addition to the introduction of Scan Settings Templates and automatic custom 404 error page recognition, the Scan Wizard contains far less options so it’s much easier and quicker to kick off a scan.

Access your results from anywhere and everywhere

* Web-based scheduler:
Accessible via a web interface, the new Scheduler allows administrators to download scan results from any workstation, laptop, or smartphone. The new Scheduler will automatically launch another instance of WVS when multiple web scans are due, preventing multiple processes from depending on the resources of one WVS instance, and thereby allowing scans to complete in less time.

Identify threats unseen by other black-box scanners

* New HTTP Parameter Pollution vulnerability class:
At the time of writing, Acunetix WVS 8 is the only scanner that tests for this security vulnerability.

Ensure complex scans will complete automatically and successfully

* Smart memory management:
The following settings have been added to optimise scanning efficiency:
Define number of files per directory
Limit number of subdirectories per website
Assign Crawler memory limit
Other New Features
Real time Crawler status (number of crawled files, inputs discovered, etc.)
Support for custom HTTP headers in automated scans
Configurable log file retention
Detailed Crawler coverage report
Scan status included in report

Download Trial :download.htm

0 comments:

Post a Comment

Để lại góp ý của bạn để blog của mình hoàn thiện hơn :))