Acunetix WVS (web vulnerability scanner) automatically checks web applications for vulnerabilities such as SQL Injections, cross site scripting, arbitrary file creation/deletion, and weak password strength on authentication pages. It boasts a comfortable GUI, an ability to create professional security audit and compliance reports, and tools for advanced manual webapp testing.
For downloads and more information,
visit the Acunetix WVS homepage.
I LOVE Acunetix. Hands down best scanner out there and I've literally used them all. Identifies sqli vulns undetected by burp and nessus. Great for beginners for obvious reasons, but you can actually learn a lot by using it.
My team used Acunetix consultant version for quite some time and compared to generic infrastructure VA tools like Nessus, and Foundstone we found the value in using a specialized Web VA tool. It found more and specific issues with precise recommendations to fix those.
I recommend it based on my experience. I havent explored the IBM and HP counterparts yet...I understand that they are relatively costlier.
It is OK, for point and shoot, but after using it a few times and then using BurpSuite, I just put it aside for except for those clients that demanded I use an automated commercial scanner. I would on one condition that I could also use BurpSuite. I always found more with Burp then I did with this tool.
Along with your rating, you can use the comment form to post a review,
tutorial, tips and tricks, or anything else others will find useful.
If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).