Acunetix Web Vulnerability Scanner Version 8 Build 20120911 Released
Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
Changelog v8.20120911
New Features:
- Ability to import multiple HTTP Sniffer captures to the same crawl.
- Ability to merge HTTP Sniffer captures to existing website crawls.
- A new option that allows you to specify a different email address for each configured scan in the scheduler.
- HTTP Fuzzer number generator now support padding; i.e. you can use a leading zero e.g. from 01 to 10.
- A new option to specify if the latest cookie from the scanned website should be used rather than the one discovered during the crawling.
- New option to force scanner not overwrite user specified custom cookies with newer cookies form the scanned website.
New Security Checks:
- Added a test for .Net Cross Site Scripting (Request Validation Bypassing).
- New security check for MediaWiki security issues.
Bug Fixes:
- Fixed a Crossdomain in XML false positive.
- Fixed the Scan Wizard back button issue; there were instances were it was not working correctly.
- Fixed a bug in the scanner to scan only website files found during the crawl.
- Fixed a memory leak in the Client Script Analyser engine.
- The Login Sequence Recorder User-Agent string is now the same in both the header and in the scripting code.
- Fixed a bug with the WSDL scanner “Customize” button.
More Information: