Highest Crawl and Analysis Rate for HTML5 and JavaScript Security

A fundamental process during any scan is the scanner’s ability to properly crawl an application. Acunetix Vulnerability Scanner features DeepScan Technology; an HTML5 crawling and scanning engine that fully replicates user interaction inside of a browser by executing and analyzing JavaScript. DeepScan allows accurate crawling of AJAX-heavy client-side Single Page Applications (SPAs) that leverage technologies such as AngularJS, EmberJS and Google Web Toolkit.



Acunetix Vulnerability Scanner achieves top scores in WIVET benchmarks.
Source – SecTools Addict Benchmark


Accurately Crawl and Scan with DeepScan Technology
Acunetix Vulnerability Scanner includes Acunetix DeepScan Technology which allows the scanner to robustly test any application, no matter what web technology it’s written in.
At the heart of DeepScan, is a fully automated web browser that can understand and interact with complex web technologies such as AJAX, SOAP/WSDL, SOAP/WCF, REST/WADL, XML, JSON, Google Web Toolkit (GWT) and CRUD operations just like a regular browser would. This allows Acunetix Vulnerability Scanner to test web application just as though it is running inside of a user’s browser, allowing the scanner to seamlesly interact with complex controls just as a user would, significantly increasing the scanner’s coverage of the web application.
DeepScan has been further optimized to analyze websites and web applications developed in Ruby on Rails and Java Frameworks including Java Server Faces (JSF), Spring and Struts.


Hassle-free Authenticated Web Application Testing
Testing authenticated areas of your websites and web applications is absolutely crucial to ensure full testing coverage. Acunetix Vulnerability Scanner can automatically test authenticated areas by recording a Login Sequence using the Login Sequence Recorder. The Login Sequence Recorder makes it quick and easy to record a series of actions the scanner can re-play to authenticate to a page. The Login Sequence Recorder can also record a series of Restrictions; making it trivial to granularly limit the scope of a scan in a few clicks.


Acunetix Login Sequence Recorder supports a large number of authentication mechanisms including
• Multi-step/Custom Authentication Schemes
• Single Sign-On Authentication
• CAPTCHAs
• Multi-factor Authentication



Automatic Custom 404 Error Page & Rewrite Rule Identification


Custom 404 error pages are pages that return an HTTP ‘200 OK’ status when a page is not found. Rewrite rules are a set of server-side rules that rewrite requested URLs on the fly.
While still allowing you the flexibility to define rewrite rules and custom 404 pages manually, Acunetix Vulnerability Scanner can automatically detect and configure itself for websites and web applications using custom 404 error pages as well as rewrite rules, saving hours of configuration and increasing the crawl and detection rate.
Manual imports of both Apache HTTP Server and Microsoft IIS rewrite rules are supported.