provided by: 
Originally published at Internet.comAcunetix Web Vulnerability Scanner (WVS) is a security tool that allows a site owner (or security consultant) to test their Web sites and the applications residing on them for known vulnerabilities and weaknesses. The tool automatically crawls the site, launching multiple controlled attacks against the pages and applications it finds in an attempt to identify potential security breaches. It then provides reports that give descriptions of the vulnerabilities found as well as recommendations on how to fix them.
Specific types of vulnerabilities and attacks tested for by the product include SQL injection, cross site scripting (XSS), CRLF injection, code execution, directory traversal, file inclusion, and, via manual tools, input validation, authentication attacks, and buffer overflows. In addition, servers can be checked for the existence of vulnerable products or enabled "dangerous" methods; and the site's content can be tested against queries from the Google Hacking Database to identify potential sensitive data leaks or attack targets.
Platform features and tools include:
- HTTP sniffer, allowing you to log, intercept, and modify HTTP and HTTPS traffic
- HTTP editor, allowing for the creation of custom HTTP requests for testing
- Rule-based testing for systematic input checking
- Automatic (and configurable) HTML form filling, including a macro recording tool
- Support for scanning profiles and scan compares
- JavaScript analyzer supporting the scanning of AJAX/Web 2.0 technologies
- Web services editor and scanner
- Subdomain scanner (pulls DNS information from the parent domain or manually)
- Acunetix Reporter (included within WVS), which provides centralized report management for the platform. Acunetix Reporter includes reporting formats such as vulnerability and developer reports, compliance (including HIPAA, OWASP Top 10, PCI, Sarbanes Oxley Act, more) as well as comparison and statistical reports. Reports can be exported in PDF, RTF, HTML, BMP, and PRN formats.
Acunetix Web Vulnerability Scanner is available now. The product is offered in Small Business (one Web site), Enterprise (unlimited Web sites) and Consultant (allows for the scanning of unlimited 3rd party Web sites) versions. The Small Business and Enterprise versions of the product can only be used to scan sites that actually belong to the license holder. Pricing starts at $1,495 for a perpetual Small Business license and $5,995 for a perpetual Enterprise license. Free trial versions are also available.
Also now available is a free version of the tool that will scan a Web site or application (that you operate) specifically for XSS vulnerabilities, and report the location of found vulnerabilities with remediation information (the report cannot be saved). Additionally, the free version can scan the vendor's own test sites to provide for the user a sampling of the premium versions of the product's functionality.
Visit the Acunetix Web site for further information.Author: EITPlanet Staff
Read article at Internet.com site