Acunetix

Acunetix (https://www.acunetix.com/) is a vulnerability scanner that is helpful in detecting juicy bugs. It also has a fuzzer, similar to Burp Suite's Intruder, and an integrated HTTP proxy. One of its interesting characteristics is that it has an attack launcher option.

The attack launcher can be used to view a vulnerability detected by the scanner directly within Acunetix, in order to reproduce the vulnerability.

Like many vulnerability scanners, Acunetix has a wizard to scan a target. However, I recommend navigating deep into the configuration. There are interesting settings for performance, network traffic, user agents, special configurations, and so on.

It is very important to keep in mind that, if you are assessing an application in a public program, there is a great chance that you will be blocked when using this scanner, because it is noisy on the network: it generates a lot of traffic and could be detected by monitoring solutions. But in some private or semi-private programs, where the IP address from which the testing is launched is perfectly identified, it is very easy to use this scanner.
