1.Install Acunetix
2. stop acunetx in services.msc
3. copy Patch to installation directory (the one with activation.exe inside)
4. run as admin
5. enter any info in the activation window
6. run cmd as admin and run cacls "C:\ProgramData\Acunetix\shared\license." /t /p everyone:r
7. choose yes
8. Start acunetix in services.msc then run portal
Acunetix Web Interface
Acunetix ships with an easy to use web interface, allowing multiple users to use Acunetix from a standard web browser. After logging in, users are taken to the Dashboard which provides a bird's-eye view of the security of the organisation’s assets. From here, users can access the inbuilt-in vulnerability management features including:
- Configure Targets once and scan them as often as needed. Acunetix keeps track of the security status of each target by aggregating and keeping track of the vulnerabilities identified for each target;
- All the vulnerabilities identified by Acunetix are shown on one page, making it easy to prioritize the vulnerabilities identified across all the organization. Vulnerabilities can be filtered to show only what is required or grouped either by the severity of the vulnerability or the business criticality assigned to each target;
- Acunetix makes it easy to review scan results of ongoing or completed scans. New scans can be configured to occur either instantly or on a schedule;
- Reports can be generated for targets, scans or a set of vulnerabilities;
The Web Scanner launches an automatic security audit of a website. A website security scan typically consists of two phases:
- Crawling – Making use of Acunetix DeepScan, Acunetix automatically analyzes and crawls the website in order to build the site's structure. The crawling process enumerates all files, folders, and inputs and is vital to ensure that all your website is scanned.
- Scanning – Acunetix launches a series of web vulnerability checks against each component in your web application – in effect, emulating a hacker. The results of a scan include comprehensive details of all the vulnerabilities found within the website.
Acunetix AcuSensor Technology is a unique technology that allows you to identify more vulnerabilities than a traditional black-box web security scanner and is designed to further reduce false positives. Additionally, it also indicates the line of code where the vulnerability was found. This increased accuracy is achieved by combining black-box scanning techniques with interactive code analysis whilst the source code is being executed. For Acunetix AcuSensor to work, an agent must be installed on your website to enable communication between Acunetix and AcuSensor. Acunetix AcuSensor can be used with PHP, JAVA and .NET web applications.
AcuMonitor Technology
Some vulnerabilities can only be detected using an intermediate service. Acunetix AcuMonitor allows Acunetix to detect such vulnerabilities. Depending on the vulnerability, AcuMonitor can either report the vulnerability immediately during a scan or send a notification email directly to the user if the vulnerability is identified after the scan has finished. More information on the AcuMonitor Service can be found at http://www.acunetix.com/vulnerability-scanner/acumonitor-blind-xss-detection/
The AcuMonitor Service is fully integrated with Acunetix and is enabled for all the targets configured in Acunetix.
Tidak ada komentar:
Posting Komentar