www.acunetix.com
Open in
urlscan Pro
54.164.31.127
Public Scan
Submitted URL: http://bxss.me/
Effective URL: https://www.acunetix.com/vulnerability-scanner/acumonitor-technology/
Submission: On February 27 via manual from ES — Scanned from ES
Effective URL: https://www.acunetix.com/vulnerability-scanner/acumonitor-technology/
Submission: On February 27 via manual from ES — Scanned from ES
Form analysis
0 forms found in the DOMText Content
Get a demo Toggle navigation Get a demo * Product * Why Acunetix? * Solutions * INDUSTRIES * IT & Telecom * Government * Financial Services * Education * Healthcare * ROLES * CTO & CISO * Engineering Manager * Security Engineer * DevSecOps * Case Studies * Customers * Testimonials * Pricing * About Us * Our story * In the news * Careers * Contact * Resources * Blog * Webinars * White papers * Buyer’s guide * Partners * Support * Get a demo DETECT OUT-OF-BAND VULNERABILITIES WITH ACUMONITOR TECHNOLOGY Get a demo ACUMONITOR SERVICE – OUT-OF-BAND VULNERABILITY DETECTION AcuMonitor is a service provided by Acunetix, which allows the scanner to detect out-of-band vulnerabilities. This service is automatically used by out-of-band checks and requires no installation or configuration, only simple registration for on-premises versions. WHAT ARE THE BENEFITS OF ACUMONITOR? AcuMonitor increases the scope of vulnerabilities that the Acunetix scanner can detect. Without AcuMonitor, out-of-band detection is not possible. Also, vulnerabilities detected with AcuMonitor are never false positives. Here are some of the vulnerabilities detected by Acunetix with AcuMonitor: * Blind server-side XML/SOAP injection * Blind XSS (delayed XSS) * Host header attack * Out-of-band remote code execution (OOB RCE) * Out-of-band SQL Injection (OOB SQLi) * Email header injection * Server-side request forgery (SSRF) * XML External Entity injection (XXE) HOW DOES ACUMONITOR WORK? During an Acunetix scan, your Acunetix scanner sends payloads to the tested application. Here is how these payloads work with AcuMonitor: * AcuMonitor is a publicly accessible service. It waits for two types of connections: connections from your web application after processing an Acunetix vulnerability payload and connections from your Acunetix scanner (online or on-premise). * When Acunetix performs a test for an out-of-band vulnerability, the payload is designed to send a specific request to the AcuMonitor service. In the case of out-of-band vulnerabilities, this can happen either immediately or with a delay and from a different location in the application or from a completely different web application. * Your Acunetix scanner regularly polls AcuMonitor to check whether the payload has reached the service. If it has, it receives details from AcuMonitor, thus confirming the out-of-band vulnerability with 100% certainty. IS ACUMONITOR SECURE? AcuMonitor is absolutely secure both in terms of data transmission and data storage. * AcuMonitor payloads use TLS whenever possible. This ensures that connections to AcuMonitor are encrypted. * AcuMonitor does not receive or store enough information to identify the source of the vulnerability. The scanner does not send any information about the original request to AcuMonitor. To distinguish between tests, AcuMonitor uses your unique AcuMonitor ID acquired during registration and random unique identifiers generated by Acunetix. * Requests made to AcuMonitor are stored for a limited amount of time (maximum 7 days) and then securely deleted. RECOMMENDED READING Learn more about prominent vulnerabilities, keep up with recent product updates, and catch the latest news from Acunetix. KNOWLEDGE SHARING What is SQL Injection What is Cross-site Scripting What Are XML External Entity Attacks What is Insecure Deserialization POPULAR POSTS SQL Injection Example Preventing SQL Injection in PHP TLS/SSL Cipher Hardening Defending Against CSRF Attacks IN THE NEWS Complimentary licenses – COVID-19 Interview with Acunetix President & COO Innovations in Acunetix v13 Network scans now fully available “We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.” Kurt Zanzi, Xerox CA-MMIS Information Securtiy Office, Xerox TAKE ACTION AND DISCOVER YOUR VULNERABILITIES Get a demo PRODUCT INFORMATION * AcuSensor Technology * AcuMonitor Technology * Acunetix Integrations * Vulnerability Scanner * Support Plans USE CASES * Penetration Testing Software * Website Security Scanner * External Vulnerability Scanner * Web Application Security * Vulnerability Management Software WEBSITE SECURITY * Cross-site Scripting * SQL Injection * Reflected XSS * CSRF Attacks * Directory Traversal LEARN MORE * White Papers * TLS Security * WordPress Security * Web Service Security * Prevent SQL Injection COMPANY * About Us * Customers * Become a Partner * Careers * Contact DOCUMENTATION * Case Studies * Support * Videos * Vulnerability Index * Webinars * Login * Invicti Subscription Services Agreement * Privacy Policy * Terms of Use * Sitemap * Find us on Facebook * Follow us on Twiter * Follow us on LinkedIn © Acunetix 2023, by Invicti By using this website you agree with our use of cookies to improve its performance and enhance your experience. More information in our Cookie Policy. OK