Web Vulnerability Scanner

Firewalls, SSL and Hardened Networks are Futile against Web Application Hacking!.

Acunetix are the pioneers in Automated Web Application Security Testing with an engineering lead in website structure analysis and vulnerability detection.


  • DeepScan Technology allows accurate crawling of AJAX-heavy client-side Single Page Applications (SPAs) that leverage complex technologies such as SOAP/WDSL, SOAP/WCF, WADL, XML, JSON, Google Web Toolkit (GWT) and CRUD operations.
  • Industry’s most advanced and robust SQL Injection and Cross-site Scripting testing,including advanced detection of DOM-based Cross-site Scripting.
  • A Login Sequence Recorder that allows the automatic crawling and scanning of complex password protected areas including multi-step, Single Sign-On (SSO) and OAuth-based websites.
  • AcuSensor Technology allows accurate scanning further reducing the false positive rate, by combining black box scanning techniques with feedback from its sensors placed inside the source code.
  • Highest detection of WordPress vulnerabilities – scans WordPress installations for over 1200 known vulnerabilities in WordPress’ core, themes and plugins.
  • Multi-threaded, lightning fast crawler and scanner that can crawl hundreds of thousands of pages without interruptions.
  • Easily generate a wide variety of technical and compliance reports aimed towards developers and business owners alike.

More Advanced Features

  • Flexible Scan Settings – Scan websites and web applications with different Scan Settings and Login Sequences.
  • Easily Customize Scan Scope – Leverage Scanning Profiles and Directory and File Filters (support for wildcard and regular expression-based filters) to customize tests and pentest scope.
  • Schedule Scans with Ease – Schedule scans to run at a given time, or setup recurring scans based on a customized schedule, set-up custom Excluded Hours templates to pause scans during specific hours.
  • Import Crawl Data from Third-Party Tools – Import manual crawl data from the built-in Acunetix HTTP Editor, third-party tools such as Telerik Fiddler, Portswigger BurpSuite, and HAR (HTTP Archive) files.
  • Dynamic Crawl Pre-Seeding – Dynamically pre-seed automated crawls using external or custom-built tools and scripts.
  • Business Logic Testing with Selenium IDE – Support for crawling and scanning complex Business Logic-driven applications through consumption of Selenium IDE test cases.
  • Auto-configuration of Web Application Firewalls.

Contact Us


On Demand Product Training

Get in touch with our expert sales team

Product Brief