From:web安全观察站
Acunetix Web Vulnerability Scanner 6.5发布不少日子了,不过最近才从Hell-Phantom朋友那得知Patcher信息。
自五月份以来各个Build的情况:
Acunetix WVS Build History
Build v6.5.20090813 – 13th August 2009
Improvements:
- HTML forms settings node was renamed to Input Fields. This node now can also be used to pre-define web services operations values.
- New SQL Injection tests added
- New XSS tests (unicode) added
Build v6.5.20090728 – 28th July 2009
New Features:
- Manual Intervention module: better support for CAPTCHA and modern authentication mechanisms
Improvements:
- Added new variants of blind SQL injection tests (now testing both AND and OR boolean operators)
- Added new tests for SQL Injection with charset GBK/Big5
- Added new variants for Cross site scripting
Bug Fixes:
- Fixed several issues with CSA (Client Script Analyzer) engine.
Build v6.5.20090622 – 22nd June 2009
Improvements:
- Better cookies handling in several modules
- Implemented exception handler in Login Sequence Recorder
Bug Fixes:
- Handled issue when non-responsive hosts triggered download dialog
Build v6.5.20090618 – 18th June 2009
New Features:
- Implemented Blind SQL Injection (timing) for web services scanner
- Implemented HTTP authentication for web services scanner
Bug Fixes:
- Fixed problem related to File Inclusion in AcuSensor Technology
- Fixed a problem in ssl_ping network script
Build v6.5.20090519 – 20th May 2009
New Features:
- File upload forms vulnerability checks
- New Login Sequence Recorder; supports much more authentication forms and web technologies
- Session Auto Recognition module; if the session is invalidated or logged out during crawling, the scanner will automatically replay the login sequence without the need of manual intervention
- Actions drop down menu; for each selected node, the actions drop down menu is activated showing all possible functions
- Much more checks and alerts for JSP, Java and Tomcat web server
Major Improvements:
- Improved cookie management and session handling to support modern dynamic websites
- Port scanner and Network Alerts results will appear in a separate node in the results tree
- Users can import Version 6 settings to Version 6.5
- Added blind SQL injection timing test using MySQL’s sleep and MS SQL’s waitfor function. This will help in discovering particular blind SQL injections that do not report a change on the page
下载:
1、Hell-Phantom提供的地址
http://www.4shared.com/file/127509670/2215b9ec/Acunetix_65.html 解压缩密码请用WinRAR打开压缩文件即可看到
2、本站下载