Tuesday, September 20, 2016

how to make ACUNETIX more "stealthy" with FIDDLER

to avoid that infrastructure components like IPS/WAFS etc. detect AKUNETIX in a early crawling/scanning stage the custom ACUNETIX headers can be deleted with FIDDLER by adding this into "fiddler/rules/customize rules". this will delete all headers starting with "Acunetix-".

one of the first request ACUNETIX does is the search of /acunetix-wvs-test-for-some-inexistent-file on the scanned domain.

with a simple autoresponder rule FIDDLER can catch this request and responded with HTTP 204 (or whatever you like) without touching the scanned host.

nevertheless your scan can and may be discovered. but this will avoid  a detection with the first call.