Acunetix on-premise installations can be extended with custom vulnerability checks, boosting scan coverage and functionality.
Kevin Attard Compagno, blogging for Acunetix, provides an overview and some tips for customers who would like to tailor Acunetix to their specific requirements and have basic knowledge of the languages in the JavaScript, ECMAScript or TypeScript families.
“Acunetix embraces and builds upon well-established design patterns and extends them with DAST-specific features where needed,” he says. “A basic understanding of how Acunetix web vulnerability scans work internally is required.”
Any of the built-in checks may be enabled as well, as Acunetix will automatically prevent them from interfering with each other. Once saved, the newly created scan type can be selected when launching a scan.
Read a full technical walk-through of custom vulnerability check creation here.
Custom scripts can report vulnerabilities and other issues, and the reported item will be treated by Acunetix just like a natively implemented vulnerability alert: it will be displayed within the user interface, and, depending on your configuration, may be submitted to connected issue trackers.