Hidden Content: You must 'reply' before you can see the hidden content. VT: https://www.virustotal.com/en/file/e7cb400d4f7421cf095590259b8333621e7786a431ed262c4d14723bf6a9d962/analysis/ Acunetix Web Vulnerability Scanner automates the task of monitoring the security of Web applications and allows you to identify vulnerabilities in the protection web-site before it finds them and uses the attacker. Acunetix Web Vulnerability Scanner works as follows: Acunetix WVS explores the forms and structure of the site, treating all references found and collecting information about all the detected files; The program then tests all web-pages with elements for data entry, data entry modeling using all possible combinations and analyzing the results; A vulnerability was discovered, Acunetix WVS sends a message that describes the vulnerability and recommendations for its elimination; Final Report WVS can be written to a file for further analysis and comparison with the results of previous audits. What detects vulnerabilities Acunetix Web Vulnerability Scanner Acunetix Web Vulnerability Scanner automatically detects the following vulnerabilities: Cross site scripting (execution of malicious script in the user's browser in the handling and safety in the context of a trusted site); SQL injection (also Blind injective, but unfortunately he only finds the injection site - but does not conduct itself injection) Database GHDB (Google hacking database) - a list of typical queries used by hackers to gain unauthorized access to the web-applications and websites. Running the code: Directory traversal; Box files (File inclusion); Disclosure of the source code of the scenario; CRLF injection Cross frame scripting; Public backups of files and folders; Files and folders containing important information; Files that may contain the information necessary to carry out attacks (system logs, trace logs applications, etc.); Files containing lists of folders; Folder with a low level of protection, allowing you to create, modify or delete files. Also identifies the involved server technology (WebDAV, FrontPage, etc.) and permit the use of potentially hazardous http-methods (PUT, TRACE, DELETE).