Acunetix Web Vulnerability Scanner V9 – What’s New?

Acunetix WVS v9 introduces DeepScan technology. Powered by the same rendering engine used in Chrome and Safari, Acunetix WVS v9 is able to better support dynamic websites.The end result is more pages detected at the crawling stage, resulting in better scan results.

Through its DeepScan technology, Acunetix WVS v9 boasts full interpretation and support for HTML5 web applications. We have also implemented a new test HTML 5 website – http://testhtml5.vulnweb.com, which hosts various new vulnerabilities.

More and more companies are building a mobile friendly version of their web site targeting users browsing the site from a smartphone or tablet. Acunetix WVS v9 provides better detection of mobile friendly sites at the pre-crawl stage, providing the option to scan either the main site or the mobile friendly site. 

Cross Site Scripting (XSS) is still considered to be 'Very Widespread' according to OWASP's Top 10, 2013. Apart from Stored and Reflected XSS, there is a third type known as DOM-based XSS, which has been rather difficult to detect automatically. Not anymore! Acunetix WVS v9 implements advanced interpretation of JavaScript, radically improving the detection of DOM-based XSS.

The following vulnerabilities are detected using the new Acunetix Vulnerability Verification Service:

·         Blind XSS

·         Server Side Request Forgery (SSRF)

·         Email Header Injection

·         XML External Entity (XXE)

·         Host Header based attacks