Skip to content
/ SmartSecurityScan Public

Online pentest platform, security scanner, vulnerability scanner, IT security, cyber security scanner, web application scanner

3 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

CyberdyneSecurity/SmartSecurityScan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
Cyberdyne
Cyberdyne
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
autoload.php
autoload.php
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 

Repository files navigation

Smart Security Scan PHP library (>= PHP 5.6)

N|Solid

Smart Security Scan is an online pen-test / security scan platform with customizable scan packages and white-labeling. You can create your own scan packages or use the already implemented packages.

You can integrate our scan platform into your business application by using our API. Make sure you request an API access token.

Scan areas

  • SSL Test
  • TCP/UDP Open ports
  • TCP/UDP Running services
  • TCP/UDP Service vulnerabilities
  • Malware scan
  • Information disclosure
  • Server misconfiguration
  • PHPInfo() Pages Accessible and PHPInfo() Disclosure in other Pages
  • CVS, GIT and SVN Information and Source Code Disclosure
  • XSS Protection Disabled
  • Apache Server-Status and Apache Server-Info pages Accessible
  • TRACE / TRACK Method Support Enabled
  • Sensitive Files Accessible
  • E-mail Address Disclosure
  • Directory Listing
  • Version Disclosure
  • Internal Path Disclosure
  • Database Error Message Disclosure
  • Application Source Code Disclosure
  • Web application vulnerability
  • Application security
  • Network security
  • Network scan
  • Server configuration
  • Shodan
  • OWASP / OWASP top 10

Techniques

  • SQL Injection
  • XSS (Cross-site Scripting)
  • DOM XSS
  • Command Injection
  • Blind Command Injection
  • LFI (Local File Inclusion) & Arbitrary File Reading
  • Remote File Inclusion
  • Remote Code Injection / Evaluation
  • CRLF / HTTP Header Injection / Response Splitting
  • Open Redirection
  • Frame Injection
  • Database User has Admin Privileges
  • Vulnerability Database (Inferred vulnerabilities)
  • ASP.NET ViewState Vulnerabilities
  • ViewState is not Signed
  • ViewState is not Encrypted
  • Hidden Resources Accessible
  • Crossdomain.xml File Vulnerable
  • Robots.txt File Vulnerable
  • Google Sitemap Vulnerable
  • Silverlight Client Access Policy File Vulnerable
  • Insecure Authentication Scheme Used Over HTTP
  • Password Transmitted over HTTP
  • Authentication Obtained by Brute Forcing
  • Basic Authentication Obtained over HTTP
  • Weak Credentials
  • Access Denied Resources
  • Cookies are not Marked as Secure
  • Cookies are not Marked as HTTPOnly
  • OWASP / OWASP top 10

Information gathering

  • Network Security

  • Web Application Security

  • Security scan

  • Vulnerability scan

  • Penetration Testing

  • SSL Test

Scan multiple targets with different settings and pay automatically with your credits. You can buy 1 or multiple credit packs.

Combine multiple scan commands to create your own package. Schedule your pentest on a montly or even daily basis.

Receive your scan report per mail or download the PDF version from your dashboard.

About

Online pentest platform, security scanner, vulnerability scanner, IT security, cyber security scanner, web application scanner

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases 6

New functionalities added Latest
Apr 25, 2017
+ 5 releases

Packages

No packages published

Languages