Acunetix update introduces Node.js AcuSensor, target knowledgebase, and multiple unrestricted access vulnerability checks - Security Boulevard

Acunetix update introduces Node.js AcuSensor, target knowledgebase, and multiple unrestricted access vulnerability checks

A new Acunetix update has been released for Windows, Linux, and macOS: 13.0.210129162.

This Acunetix update introduces AcuSensor for Node.js and a feature called target knowledgebase, which holds data from past scans and helps improve future scans. We also made fully qualified domain names more prominent in the Acunetix UI. This update also includes checks for unrestricted access to a number of well-known applications. In addition, there are numerous updates and fixes, all of which are available for all editions of Acunetix.

New Features

  • New AcuSensor for Node.js
  • New target knowledgebase records scan data – this data is then used to improve future scans
  • New FQDN and target filter in the Grouped Vulnerabilities page
  • New FQDN column in the Targets page

New Vulnerability Checks

Updates

  • Simplified User Profile page
  • Improved handling of HTML comments
  • Improved processing of sites using dynamic links
  • Improved parsing of JavaScript for new paths
  • The form input type is taken into consideration when processing forms
  • Scanner now supports NTLM authentication for proxy authentication
  • Multiple DeepScan updates
  • Comprehensive report updated to use time zone configured for the Acunetix user
  • Added setting in settings.xml to choose the SSL cipher to be used by the scanner
  • Integrated LSR logs are now stored for troubleshooting purposes
  • Notify user when a client certificate is required but not configured for the target
  • Improvements in macOS installation
  • The PHP AcuSensor will now include stack traces
  • Multiple LSR/BLR updates

Fixes

  • Filter items sorted alphabetically
  • Fixed a minor UI glitch in the multi-engine registration page
  • Multiple fixes in SlowLoris detection
  • Fixed scanner crashes
  • Fixed a CSV injection in target export
  • Fixed UI issues in the Target Groups page
  • Fixed formatting for issues pushed to Jira
  • Fixed issue when installing on Centos 8

Upgrade to the Latest Build

If you are already using Acunetix build 13.x, you can initiate the automatic upgrade from the new build notification in the Acunetix UI > About page.

If you are using Acunetix build 12.x or earlier, you need to download Acunetix from here. Use your Acunetix license key to download and activate your product.

THE AUTHOR
Nicholas Sciberras
Chief Technical Officer

As the CTO at Acunetix, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams and provided technical training.

*** This is a Security Bloggers Network syndicated blog from Web Security Blog – Acunetix authored by Nicholas Sciberras. Read the original post at: http://feedproxy.google.com/~r/acunetixwebapplicationsecurityblog/~3/QqzjVtaUNaA/