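Latest version: Acunetix Premium v24, updated 2024/9/19
Use Acunetix Web Vulnerability Scanner to test the security of your website
As many as 70% of websites have vulnerabilities that could allow malicious parties to steal sensitive company data such as credit card information or customer lists.
Hackers focus around the clock on attacking web-based applications such as shopping carts, forms, login pages, and dynamic content. Insecure web applications around the world give hackers convenient access to back-end corporate data.
Relying on firewalls, SSL, and server lockdown to stop hackers who break into web applications is futile.
Web application attacks arrive over ports 80/443, pass straight through the firewall and past operating-system and network-level security defenses, and easily reach the application's core systems and corporate data. Custom-built web applications are often insufficiently tested, and their undiscovered vulnerabilities readily become targets for intrusion.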
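Acunetix: a world-leading web application security product
Acunetix pioneered web application security scanning technology: its engineers focused on web security as early as 1997 and developed an engineering lead in website analysis and vulnerability detection.
Acunetix Web Vulnerability Scanner includes many innovative features:
- AcuSensor technology
- The industry's most advanced and in-depth SQL injection and script testing.
- Powerful visualization features that make it easier to test HTML form filters and the password strength of login pages
- Support for scanning pages that use CAPTCHA, single sign-on, and two-factor authentication mechanisms
- Extensive reporting facilities, including VISA PCI compliance reports
- Fast multi-threaded scanning that lets users easily crawl hundreds of thousands of pages
- Intelligent scanner that detects the web server type and application language
- Acunetix crawls and analyzes website content, including Flash content, SOAP, and AJAX
- Automatically detects the web server technologies in use.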
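Combines vulnerability scanning with source code inspection:
This specialized technology finds more vulnerabilities with a lower false-positive rate, and locates weaknesses faster than other scanners so that they can be patched promptly.
More advanced features:
- Detects Blind XSS and DOM-based XSS
- Detects HPP (HTTP Parameter Pollution) vulnerabilities
- Supports automated scanning with custom HTTP headers
- Supports multiple HTTP authentication credentials
- Multiple scan rule sets can be defined to scan with different options or identities
- User-definable reports (report generator)
- Comparison of results between the previous and current scans
- After a website changes, differences can be easily identified and rechecked
- Supports authentication mechanisms such as CAPTCHA, Single Sign-On, and two-factor authentication
- Checks for file and directory permission weaknesses
- Lists special HTTP responses, such as other server error messages or HTTP 500, to simplify exception handling
- Checks that cause false positives can be excluded
- Checks whether the web server configuration is secure
- Can automatically import IIS 7 rewrite rules from the web.config file
- Can scan for specific vulnerabilities only, to make code changes and verification easier
- Automated testing of file upload form vulnerabilities
Acunetix is available in three editions (1. Standard 2. Premium 3. Acunetix 360)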
Architecture and Scale | Standard | Premium | Acunetix 360 |
Unlimited Web Scanning | V | V | V |
Multi-user | V | V | |
Single Sign On | V | ||
User Roles and Privileges | V | V | |
Multiple Scan Engines | V | V | |
Hybrid Environment Installation (online/on-premises) | V | ||
Number of Users | 1 | Unlimited | Unlimited |
Max Number of Scan Engines | 1 | Unlimited | Unlimited |
Delivery | On-premises | Hosted or On-premises | Hosted and/or On-premises |
Acunetix Vulnerability Assessment Engine | Standard | Premium | Acunetix 360 |
Scanning for 6500+ web application vulnerabilities | V | V | V |
Scanning for 50,000+ network vulnerabilities | V | ||
Acunetix DeepScan Crawler | V | V | V |
Acunetix AcuSensor (IAST Vulnerability Testing) | V | V | |
Acunetix AcuMonitor (Out-of-band Vulnerability Testing) | V | V | V |
Acunetix Login Sequence Recorder | V | V | |
Acunetix Business Logic Recorder | V | ||
Manual Intervention during Scan | V | V | |
Malware URL Detection | V | V | |
Scanning of Online Web Application Assets | V | V | V |
Scanning of Internal Web Application assets | V | V | V |
Key Reports and Vulnerability Severity Classification | Standard | Premium | Acunetix 360 |
Key Reports (Affected Items, Quick, Developer, Executive) | V | V | V |
OWASP TOP 10 Report | V | V | V |
CVSS (Common Vulnerability Scoring System) for Severity | V | V | V |
Remediation Advice | V | V | V |
Compliance Reports* | V | V | |
Centralized Management and Extensibility | Standard | Premium | Acunetix 360 |
Dashboard | V | V | V |
Scheduled Scanning | V | V | V |
Notifications | V | V | V |
Continuous Scanning | V | V | |
Target Groups | V | V | |
Assign Target Business Criticality | V | ||
Prioritize by Business Criticality | V | ||
Role-Based Access Controls | V | V | |
Trend Graphs | V | V | |
WAF Virtual Patching** | V | V | |
Issue Tracker Integration (Jira, Azure DevOps, GitHub, Gitlab, Bugzilla, Mantis) | V | V | |
Jenkins Plug-in Integration | V | V | |
CI/CD Integration (TeamCity, Azure, GitLab, Service Now) | V | ||
Advanced CI/CD Integration (TeamCity, Bamboo, Azure DevOps, GitLab) | V | ||
Advanced Issue Tracker Integration (FogBugz, GitLab, Unfuddle, ServiceNow, Bitbucket, Zapier) | V | ||
Integration APIs | V | V | |
Slack integration | V |
* Acunetix Premium - PCI DSS, ISO/IEC 27001; The Health Insurance Portability and Accountability Act (HIPAA); WASC Threat Classification; Sarbanes-Oxley; NIST Special Publication 800-53 (for FISMA); DISA-STIG Application Security; 2011 CWE/SANS Top 25 Most Dangerous Software Errors. Acunetix 360 - PCI DSS, ISO/IEC 27001; The Health Insurance Portability and Accountability Act (HIPAA); WASC Threat Classification.
** Imperva SecureSphere, F5 BIG-IP Application Security Manager and Fortinet FortiWeb WAF
Activating your Acunetix Installation: license activation steps
After the installation, Acunetix needs to be activated using your license key. This can be done using the Acunetix Activation utility which can be loaded from the Acunetix program group. Insert your License key and your details and proceed with the product activation.
At this stage, you can also choose to register your installation with the AcuMonitor service. AcuMonitor is used to detect certain types of vulnerabilities, such as Blind XSS, SSRF, XXE and other out-of-band vulnerabilities, which can only be detected using an intermediary service.
Product activation does require a connection to the internet.
Upgrading Acunetix: how to upgrade to Acunetix version 11
Note that Acunetix version 11 has undergone a major update. With the exception of Login Sequences, the settings and reporting data from previous versions cannot be used in version 11. Acunetix version 11 can be used on the same machine as previous versions - in which case, you should just install version 11 as per above.
To upgrade a previous version of Acunetix to the latest version:
- Close all instances of Acunetix (and related utilities such as the Reporter).
- Optionally back up the Login Sequences if you would like to use these in the newer version. These can be copied from
- From the Acunetix Program Group, select to uninstall the product.
- Install the newer version of Acunetix.
You can re-use the Login Sequences in version 11 by configuring these in the Site Login Section of the Targets.
Minimum System Requirements
- Supported Operating systems
  - Microsoft Windows 10 or Windows Server 2016 R2 or later
  - Please note that Acunetix will soon discontinue support for Windows 8, Windows 2012, and Windows 2012 R2. Instead, Acunetix will require Microsoft Windows 10 or Windows 2016 and newer versions.
  - Ubuntu Desktop/Server 18.0.4 LTS or higher
  - Suse Linux Enterprise Server 15
  - openSUSE Leap 15.0 and 15.1
  - Kali Linux versions 2019.1 and later
  - CentOS 8 and CentOS Stream Server and Workstation (with SELinux disabled)
  - RedHat 8 and 9 (with SELinux disabled)
  - Oracle Linux 8 (with SELinux disabled)
  - We are actively testing other Linux distributions. Please let us know if you have requests for specific distros.
- CPU: 64 bit processor
- System memory: minimum of 2 GB RAM
- Storage: 1 GB of available hard-disk space.
This does not include the storage required to save the scan results - this will depend on the level of usage of Acunetix.
- Note: Acunetix Premium On Premise is no longer supported on macOS. If you are using macOS, you will need to move to one of the following options:
  - Move to Acunetix Premium Online
  - Use Acunetix on a Virtual machine
  - Use Acunetix on Docker
Supported Browsers
The Acunetix User Interface is delivered through a web server. The supported browsers are:
- Firefox
- Chrome
- Edge
- Safari
If you encounter browser-related issues, please first ensure that you are running the latest version of one of the supported browsers before contacting support.