Acunetix Web Vulnerability Scanner 4.0 build 20070129

Acunetix Web Vulnerability Scanner first identifies web servers from a particular IP or IP range. After that, it crawls the whole site, gathering information about every file it finds, and displaying the entire website structure. After this discovery stage, it performs an automatic audit for common security issues.Acunetix Web Vulnerability Scanner is a software that automatically detects file inclusion.
Main features:
Automatically audited vulnerabilities
Acunetix Web Vulnerability Scanner automatically detects the following vulnerabilities in web applications:
- Cross site scripting
- SQL injection
- CRLF injection
- Code execution
- Directory traversal
- File inclusion
- Script source code disclosure
- Discovers files/directories that may contain sensitive information
- Looks for common files (such as logs, application traces, CVS web repositories), back-up files or directories
- Finds directory listings
- Discovers directories with weak permissions
- Discovers available web server technologies (such as WebDAV, FrontPage, etc.)
- Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
- Inspects the HTTP version banners and looks for vulnerable products
- Tests password strength of applications.
Extend attacks
- With Acunetix Web Vulnerability Scanner, you can construct HTTP/HTTPS requests and analyze the responses using the HTTP editor.
Connection spy
- By enabling you to log, intercept and modify all HTTP/HTTPS traffic, Acunetix Web Vulnerability Scanner gives you an in-depth insight into what data your web application is sending.
Test password strength
- To test the strength of your passwords, you can perform a dictionary attack on basic HTTP, NTLM or form-based authentication.
Test database editor
- Acunetix Web Vulnerability Scanner includes a text database editor that permits you to add additional attacks to the test database (Enterprise & Consultant versions only).
Supports all major web technologies
- Applications utilizing CGI, PHP, ASP, ASP.NET can all be tested for vulnerabilities.
Scanning profiles
- Acunetix Web Vulnerability Scanner allows you to quickly scan sites with different options and identities.
Reporting
- You can save scan sessions to MS SQL Server/Access databases and generate complex reports from previous scan sessions using information stored in the database.