Acunetix Web Vulnerability Scanner first identifies web servers from a particular IP or IP range. After that, it crawls the whole site, gathering information about every file it finds, and displaying the entire website structure. After this discovery stage, it performs an automatic audit for common security issues.Acunetix Web Vulnerability Scanner is a software that automatically detects file inclusion.

Automatically audited vulnerabilities
Acunetix Web Vulnerability Scanner automatically detects the following vulnerabilities in web applications:
Cross site scripting
SQL injection
CRLF injection
Code execution
Directory traversal
File inclusion
Script source code disclosure
Discovers files/directories that may contain sensitive information
Looks for common files (such as logs, application traces, CVS web repositories), back-up files or directories
Finds directory listings
Discovers directories with weak permissions
Discovers available web server technologies (such as WebDAV, FrontPage, etc.)
Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
Inspects the HTTP version banners and looks for vulnerable products
Tests password strength of applications.

Extend attacks
With Acunetix Web Vulnerability Scanner, you can construct HTTP/HTTPS requests and analyze the responses using the HTTP editor.

Connection spy
By enabling you to log, intercept and modify all HTTP/HTTPS traffic, Acunetix Web Vulnerability Scanner gives you an in-depth insight into what data your web application is sending.

Test password strength
To test the strength of your passwords, you can perform a dictionary attack on basic HTTP, NTLM or form-based authentication.

Test database editor
Acunetix Web Vulnerability Scanner includes a text database editor that permits you to add additional attacks to the test database (Enterprise & Consultant versions only).

Supports all major web technologies
Applications utilizing CGI, PHP, ASP, ASP.NET can all be tested for vulnerabilities.

Scanning profiles
Acunetix Web Vulnerability Scanner allows you to quickly scan sites with different options and identities.

Reporting
You can save scan sessions to MS SQL Server/Access databases and generate complex reports from previous scan sessions using information stored in the database.