Acunetix Web Vulnerability Scanner (WVS) is a complex security audit tool for your website. For its many capabilities see www.acunetix.com/support/vulnerability-checks.htm.
In particular, it lets you:
- automatically check web applications for SQL Injection
SQL Injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.
- discover application susceptibility to cross-site scripting attacks
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.
- identify attempts at XPath Injection attacks
These attack techniques are used to exploit web sites that construct XPath queries from user-supplied input.
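The SQL Injection description above names two causes: string literal escape characters that are not filtered, and input that is not strongly typed. The following is an added example, not code from Acunetix or from the original page, that shows each cause beside its corrected form using Python's `sqlite3` module. The table, the data and all function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data, held in memory so the example runs offline.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db

def by_name_unsafe(db, name):
    # Cause 1: a quote character in `name` is not escaped, so it ends the
    # string literal and whatever follows is parsed as SQL.
    sql = f"SELECT name FROM users WHERE name = '{name}' ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def by_id_unsafe(db, user_id):
    # Cause 2: `user_id` is never forced to be an integer, so any text
    # supplied in its place becomes part of the WHERE clause.
    sql = f"SELECT name FROM users WHERE id = {user_id} ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def by_name_safe(db, name):
    # Bound parameter: the value travels separately from the statement text.
    sql = "SELECT name FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (name,))]

def by_id_safe(db, user_id):
    # Strong typing: int() raises ValueError for anything but an integer.
    sql = "SELECT name FROM users WHERE id = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (int(user_id),))]

if __name__ == "__main__":
    db = make_db()
    quoted = "nobody' OR '1'='1"   # constructed input containing a quote
    untyped = "0 OR 1=1"           # constructed input that is not a number
    print("unsafe name lookup:", by_name_unsafe(db, quoted))
    print("safe name lookup:  ", by_name_safe(db, quoted))
    print("unsafe id lookup:  ", by_id_unsafe(db, untyped))
    try:
        by_id_safe(db, untyped)
    except ValueError as exc:
        print("safe id lookup rejected input:", exc)
```
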
More information:
Acunetix Web Vulnerability Scanner