Could you let me know how can I make sure my website is not vulnerable?
I have seen some tool like Acunetix Web Vulnerability Scanner which can tell website is Vulnerable or not but recently one of my friend's website was attached by uploading shell example http://website.com/web/bla/bla/bla/hack.html
"bla/bla/bla/hack.html " was added by hacker and when I checked his website using Acunetix Web Vulnerability Scanner and other tool I found, there is no alert or mentioned that his website is vulnerable.
Or the hacker might have used different method to attack? What method it could be ?
How can we make sure our website is not vulnerable ?