Welcome to our community.

In this community, you can submit ideas, vote on existing ideas, or add comments.

To submit an idea, please click the Submit New Idea button at the top of the navigation sidebar. You will then be asked to add a title and choose a campaign for the new idea. You will also have the option to add tags to the idea. To vote on an idea, simply click the up or down arrows to the right of the idea title/description. And to add a comment, click in the box below the idea.

If you would like to see all ideas created with a specific tag, you can click on the word or phrase via the tagcloud in the navigation sidebar area under "What we're discussing". You can also view ideas sorted by Campaigns from the right navigation area. To return to this page, click the All Ideas link.

Acunetix Web Vulnerability Scanner

Stop / Save partial results / Resume scan later functionality

The user should have the ability to stop a scan, save the "uncomplete" scan status and resume it at a later stage.

Being a consultant sometimes I trigger a scan when at a client, and when it takes long and need to leave their office, ideally I should be able to save the progress to resume the scan later instead of restarting it.

Submitted by

Stage: Active

Feedback Score

56 votes

Acunetix Web Vulnerability Scanner

Web service scan - support for XSD:import

Acunetix does not work when trying to scan a web service that contains XSD:import in the WSDL file, which is a perfectly valid declaration in a WSDL file. The lack of support for this basically rules out using Acunetix to scan web services developed using standard Microsoft technologies since Microsoft .Net (WCF) splits up the web service contract in multiple files and import the definitions in the WSDL file using XSD:import ...more »

Submitted by

Stage: In Progress

Feedback Score

26 votes

Acunetix Web Vulnerability Scanner

Enterprise edition of Acunetix

Create an enterprise edition of Acunetix with a centralized dashboard. Access to the dashboard would be through a URL with specific assigned priviledges. This would allow a large company to distribute scan results, keep track of work efforts and allow remote scanning. This would be a similar model to IBM Appscan Enterprise , HP WebInspect Amp, and Cenzics Arc. While Acunetix is a good product, it is limited in its ...more »

Submitted by

Stage: Active

Feedback Score

25 votes

Acunetix Web Vulnerability Scanner

Acunetix Reporting

I have evaluated your Acunetix Web Scanner and found it to be an all-round great product except for the reporting side. It would be a great idea if one could have a consolidated report for all the scans instead of having to compile each individual reports into one high level report. It should have the functionality to select all scans and generate one single report or just a consolidated high level report . Think about ...more »

Submitted by

Stage: Active

Feedback Score

20 votes

Acunetix Web Vulnerability Scanner

Schedule Scans

An enhanced scheduler which could be used to schedule scans on a regular basis. The current windows scanner is awful and cannot be used effectively. E.g you cannot schedule a scan on a sunday 2 am every month for 12 months..

(Intention here is that you scan a bunch of sites on a off-business hours, if some of them display a particular vulnerability, you then deep dive with manual/hands-on scans..)

Submitted by

Stage: Active

Feedback Score

17 votes

Acunetix Web Vulnerability Scanner

Feature request - flash vulnerabilities

Hello

Our company uses for the security tests their tool Acunetix. We have currently a customer that uses the HP WebInspect tool for the security test. We have found that they can find with this tool more security issues than with Acunetix. The HP WebInspect tool that finds errors in the flashvars.

Can this feature (flash vulnerabilities) be integrated in the next Acunetix version?

Best regards,

S.David

Submitted by

Stage: Active

Feedback Score

11 votes

Acunetix Web Vulnerability Scanner

Save scan results to database to load at a later time

Currently Acunetix does not save the full scan results to the database to where they can be reloaded at a future time. The only way to currently do this is to save the .wvs file and then load the results that way. My suggestion on this is to either have Acunetix automatically create a .wvs file for every scan performed (maybe to the users Acunetix data directory) or to save the full results to the database so they ...more »

Submitted by

Stage: Active

Feedback Score

10 votes

Acunetix Web Vulnerability Scanner

Command line for Acusensor Injector

Since many people use automated build systems these days there is the need to be able to call the Acusensor Injector setup program via command line so a site can be injected and then scanned using the already existing Acunetix command line functionality. This was after a new build is compiled, a script could inject and then scan.

Submitted by

Stage: Active

Feedback Score

7 votes

Acunetix Web Vulnerability Scanner

Scanning progress/duration

Using Acunetix for more than 1000 websites per year the tool is meant to be running permanently. To use the scheduler most efficiently it would be good to be continuously informed about the progress (in %) and estimated duration of a particular scan. We know that the progress bar turns blue when scan is nearly finished but we would prefer to see how far each scan is at any time (e.g. in the WVS log file). Thanks for ...more »

Submitted by

Stage: Active

Feedback Score

7 votes

Acunetix Web Vulnerability Scanner

Hide multiple variations

When Acunetix scans for vulnerabilities, it uses multiple variations to detect the vulnerabilities. If a vulnerability is found with multiple variations, it displays all of them. This causes Acunetix to find over hundreds of the same vulnerability. For some developers this can be useful. I however, would like to request an option to hide these variations and display only one of them. This makes it much more arranged ...more »

Submitted by

Stage: Completed

Feedback Score

7 votes

Acunetix Web Vulnerability Scanner

Program Users, Security, and Roles

Related to support for WIndows Authentication. Allow for the following, all in the Acunetix WVS: -To use Windows Authentication and LDAP/LDAPS to set logins to use the software -To track work based on the logins for an audit trail. -To have user roles or user groups within the WVS that can be used to allow or disallow users access to certain components. Most importantly for us, we would have a group that would allow ...more »

Submitted by

Stage: Active

Feedback Score

6 votes

Acunetix Web Vulnerability Scanner

PCI-compliance scans: add a comment to false-positives

Hi, It would be great to be able to enter a comment to a false positive finding while marking it and move the marked-finding into an report-appendix instead of excluding the whole check (plugin) completely during the follow-up-scans. This would help to (1) understand, why a special finding was not included into the effective report and (2) explain it to an revisor on demand on a later date. Last not least, (3) if you ...more »

Submitted by

Stage: Active

Feedback Score

6 votes

Acunetix Web Vulnerability Scanner

Web service scanner: Custom SOAP header

It would be great to have functionality to add custom SOAP header to SOAP envelope, e.g. security header. Original request: [?xml version="1.0" encoding="utf-8"?] [soap:Envelope] [soap:Header/] [soap:Body] ...SOAP body skipped... [/soap:Body] [/soap:Envelope] Modified request with a security header: [?xml version="1.0" encoding="utf-8"?] [soap:Envelope] [soap:Header] [wsse:Security] ...more »

Submitted by

Stage: Active

Feedback Score

6 votes

Acunetix Web Vulnerability Scanner

Grouping of Scheduled scans

Unable to group scans - In version 7 it was possible to group a list of sites to be scanned under one job. This function is quite important for me and version 8 even when entering a list of sites will create separate entries in the scheduler for each one. This now doesn't get grouped in the DB for reporting they are all treated as separate jobs I can't edit the scan time for the group I have to delete and re-enter them ...more »

Submitted by

Stage: Active

Feedback Score

6 votes

Displaying 1 - 25 of 161 Ideas