Posts

Scan for ShellShock with Acunetix Web Vulnerability Scanner

ShellShock, dubbed the BIG BUG of 2014, is causing a huge stir in the IT community, with researchers still getting to grips with the damage caused. Also referred to as the BASH Bug, this vulnerability has been assigned the highest CVSS score of 10, a score that not even the notorious HeartBleed achieved. The high score is more than warranted since this Bourne-again Shell vulnerability is very easy to exploit allowing pretty much any script kiddie to take control of a vulnerable server and execute arbitrary code. Acunetix Web Vulnerability Scanner (WVS) has already been updated to identify web servers vulnerable to ShellShock while Acunetix Online Vulnerability Scanner (OVS) has been updated to detect ShellShock on perimeter servers. Users of the most recent Acunetix Web Vulnerability Scanner (WVS) version will be prompted to install an update next time they start Acunetix WVS. Older version users with upgrade entitlement can also get the latest build of Acunetix WVS by downloading it from here and installing it over the current system (backup recommended).

If you don’t have Acunetix, Alliance offers the Acunetix licensing and Acunetix training.

 

 

Acunetix Training – Introduction to Web Vulnerability Scanning Strategies with Acunetix

Alliance has been an Acunetix partner for 7 years and now offers Acunetix Training Courses.  We have found that many Acunetix users never learn how to use Acunetix to it’s fullest extent.   With all the highly publicized security breaches around the country, we have decided that helping our clients protect their data is our top priority.  Our clients include the United States Government, State and Local Governments, Security Consulting Firms, and Fortune 1000 organizations.

Our Basic Training course is a 3 hour course given by our two senior security engineers.  It is delivered via the web.  It is highly interactive and tailored to the users’ experience level and particular needs.  Our security engineers are trained directly by Acunetix and work with Acunetix on a consistent basis.   This is a dedicated training for our clients who can invite up to 5 users.

The Introductory course covers the following areas:

  • Overview of Acunetix and Web Vulnerability Scanning
  • Scan Settings
  • Scanning/Crawling Options
  • Login Sequence Recorder
  • HTTP Editor
  • HTTP Sniffer
  • Site Crawler
  • HTTP Fuzzer
  • Authentication Tester
  • Compare Results Tool
  • Target and Domain Finder
  • Web Services Scanner/Editor
  • Scheduler
  • Reporter
  • OWASP
  • New Features in WVS 9.5

A certificate of completion is issued after the completion of the course.

Alliance Logo Transparent

Acunetix Reseller, Acunetix Partner,  Acunetix Training

Acunetix Reseller, Acunetix Partner, Acunetix Training