Start Here:

Here you can scan your website URLs for a variety of vulnerabilities, to check that your host server has not been compromised and that your website settings are secure.

Features:

  • Crawler: Crawls your website to identify and display all URLs belonging to the website.
  • Scanner: Crawls your website and scans all URLs found for vulnerabilities.
  • Scan History: Allows you to view or download PDF reports of scans you performed previously.
  • Register: Allows you to register with the web application.
  • Login: Allows you to login to the web application.
  • Options: Allows you to select which vulnerabilities you wish to test for (all are enabled by default).
  • PDF Generation: Dynamically generates a detailed PDF report.

Vulnerabilities tested:

Cross-site Scripting

XSS is a type of web application security vulnerability that allows malicious web users to inject code into the web pages viewed by other users.

Directory Listing Enabled

Directory listings may disclose information about the web application and its environment that was not intended to be public.

Reflected Cross-site Scripting

Reflected Cross-site Scripting is a type of XSS where the injected code is echoed back by the web server in its response rather than stored. This kind of XSS is short-lived and requires the crafted link to be delivered to the victim, typically through phishing.

HTTP Banner Disclosure

The web server's software name and version are sent in HTTP response headers (for example the Server header) with every page a visitor requests. As a result, it is very easy for anyone to find out what kind of software and settings such a server is using.

By itself, this information is harmless, although it does give away some information about your website setup. A dedicated attacker can use this information to find and craft attacks specific to your system, or automated attacks may search for specific configurations to attack. Although it is difficult to prevent someone from finding this information using other methods, disabling server headers reduces the likelihood of attacks on the site.

The most common use of this kind of information is in automated attacks that search Google for specific server configurations known to be vulnerable, or that automate attacks known to work against setups similar to the one found on the site. Removing these values from the server header will prevent these types of automated attacks from occurring.
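The check below is an added example, not code from this scanner: it takes a dictionary of response headers and reports the ones that carry a software banner, separating a bare product name from a full version string. The header list and the two sample responses are constructed for the example; the hardening directives named in the comments (Apache ServerTokens Prod, nginx server_tokens off, PHP expose_php = Off) are the standard settings for trimming these banners.

```python
import re

# Response headers that commonly carry a software banner. This list is an
# assumption for the example; real scanners check more names than this.
BANNER_HEADERS = ("Server", "X-Powered-By", "X-AspNet-Version",
                  "X-AspNetMvc-Version", "X-Generator")

# A version string such as 2.4.41 or 7.4 inside the header value.
VERSION_RE = re.compile(r"\d+\.\d+(\.\d+)*")


def banner_findings(headers):
    """Return (header, value, reveals_version) tuples for every banner header
    present in `headers`, a dict of response header names to values.
    Header names are matched case-insensitively, as HTTP requires."""
    lowered = {name.lower(): value for name, value in headers.items()}
    findings = []
    for name in BANNER_HEADERS:
        value = lowered.get(name.lower())
        if value:
            findings.append((name, value, VERSION_RE.search(value) is not None))
    return findings


def summarize(headers):
    """One human-readable line per finding, suitable for a report."""
    lines = []
    for name, value, versioned in banner_findings(headers):
        level = "version disclosed" if versioned else "product name only"
        lines.append(f"{name}: {value!r} ({level})")
    return lines


# Constructed sample responses; not captured from any real host.
VERBOSE_RESPONSE = {
    "Content-Type": "text/html",
    "Server": "Apache/2.4.41 (Ubuntu)",
    "X-Powered-By": "PHP/7.4.3",
}
# Roughly what the same host returns after `ServerTokens Prod` (Apache;
# nginx uses `server_tokens off;`) and `expose_php = Off` in php.ini.
HARDENED_RESPONSE = {"Content-Type": "text/html", "Server": "Apache"}

if __name__ == "__main__":
    for label, resp in (("verbose", VERBOSE_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, summarize(resp))
```

Note that the hardened response still names the product; removing the Server header entirely usually needs a reverse proxy or a module such as mod_security, and attackers can still fingerprint a server from its behaviour, which is why the text above calls this a reduction in likelihood rather than a guarantee.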

Unvalidated Redirects

Common website functions, such as search results or account logins, frequently use redirects or forwards to send visitors to another destination. The web address often references the destination, which is displayed after url=.

If the website doesn't verify the destination, redirects or forwards might be vulnerable to modification. An attacker can change the destination address to send visitors to a malicious site that appears to be part of the original location. Phishing schemes often exploit unvalidated redirects and forwards, because an attacker can hide a malicious URL behind the original address.

The easiest way to prevent vulnerabilities with redirects and forwards is not to use them on your website. If that's not possible, set up a whitelist for "safe" destinations, and consider disallowing off-site redirects.
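The whitelist approach from the paragraph above, as an added example that is not part of the original page. is_safe_redirect accepts only a same-site path or an http(s) URL whose host is on an allowed list, and rejects the usual ways a redirect parameter is abused: other schemes, protocol-relative "//host" values, backslash variants, userinfo tricks like "https://example.com@evil.example.net", and control characters. The allowed hosts are constructed for the example.

```python
from urllib.parse import urlsplit

# Hosts the application may redirect to. Constructed for this example.
ALLOWED_HOSTS = {"example.com", "www.example.com"}


def is_safe_redirect(target, allowed_hosts=ALLOWED_HOSTS):
    """True only if `target` is a same-site path or an http(s) URL whose host
    is on the whitelist. Anything else is rejected."""
    if not target or not target.isprintable():
        # Empty values and control characters (tabs, newlines) are never valid.
        return False
    # Browsers treat a backslash like a forward slash in URLs, so normalise
    # before parsing; otherwise "/\evil.example.net" would pass as a path.
    normalised = target.replace("\\", "/")
    parts = urlsplit(normalised)
    if not parts.scheme and not parts.netloc:
        # A relative path. Require exactly one leading slash: "//host/..." is
        # protocol-relative and would leave the site.
        return normalised.startswith("/") and not normalised.startswith("//")
    if parts.scheme not in ("http", "https"):
        # javascript:, data:, file: and friends are not redirect targets.
        return False
    # .hostname drops the port and any user:pass@ prefix and lowercases,
    # so "https://example.com@evil.example.net" resolves to the real host.
    host = parts.hostname
    return host is not None and host in allowed_hosts


def redirect_target(requested, fallback="/"):
    """What the application should actually send in the Location header."""
    return requested if is_safe_redirect(requested) else fallback
```

Use redirect_target wherever a "next" or "url" parameter is read, so the fallback is applied centrally rather than at each call site. If off-site redirects are not needed at all, pass an empty set as allowed_hosts and only same-site paths survive.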

Potentially Insecure Direct Object References

An insecure direct object reference lets an attacker reach an object simply by modifying a parameter value (such as a record id in a URL), granting access to data or an area he or she was never authorised to see.
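An added example, not from the original page, showing the defect and its fix side by side. The in-memory invoice table, the user names and the function names are constructed for the example. The vulnerable handler only checks that the record exists; the safe one ties authorisation to the object's owner and returns the same "not found" result for foreign and missing ids, so the endpoint does not reveal which ids exist.

```python
# Constructed in-memory data; a real application would query a database.
INVOICES = {
    101: {"owner": "alice", "total": 40.00},
    102: {"owner": "bob", "total": 99.50},
}


class NotFound(Exception):
    """Raised for ids that do not exist and for ids the caller may not see."""


def get_invoice_vulnerable(invoice_id, current_user):
    # Only checks that the record exists. Any logged-in user who edits the
    # id in the request reads another customer's invoice.
    return INVOICES[invoice_id]


def owns_invoice(invoice_id, current_user):
    """Object-level authorisation: does this user own this invoice?"""
    inv = INVOICES.get(invoice_id)
    return inv is not None and inv["owner"] == current_user


def get_invoice_safe(invoice_id, current_user):
    # Authorisation is tied to the object, not just to being logged in.
    # A foreign id gets the same response as a missing one.
    if not owns_invoice(invoice_id, current_user):
        raise NotFound(f"invoice {invoice_id}")
    return INVOICES[invoice_id]


if __name__ == "__main__":
    print(get_invoice_vulnerable(102, "alice"))   # bob's invoice leaks
    try:
        get_invoice_safe(102, "alice")
    except NotFound as exc:
        print("denied:", exc)
```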

Reflected Cross-Site Scripting

Reflected Cross-site Scripting (XSS) occurs when an attacker injects browser-executable code within a single HTTP response. The injected attack is not stored within the application itself; it is non-persistent and only affects users who open a maliciously crafted link or third-party web page. The attack string is included as part of the crafted URI or HTTP parameters, improperly processed by the application, and returned to the victim.
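The two reflected XSS sections above describe the same mechanism; the added example below (not code from this scanner) shows it once. A page handler that pastes a search parameter into its response is placed next to a handler that HTML-encodes it, and a scanner-style check sends a harmless probe containing the characters that matter in HTML and reports whether they came back unencoded. The probe string and the handlers are constructed for the example; html.escape is correct for the HTML body and attribute contexts shown here, while values reflected into JavaScript or URLs need context-specific encoding.

```python
import html

# A unique, harmless probe containing the characters that matter in HTML
# context. Constructed for this example.
PROBE = 'zq<"\'>zq'


def render_search_vulnerable(query):
    # Reflects the parameter straight into the page body: whatever markup
    # the request carries becomes part of the response.
    return f"<h1>Results for {query}</h1>"


def render_search_safe(query):
    # html.escape encodes & < > " and ' so the value renders as text.
    return f"<h1>Results for {html.escape(query, quote=True)}</h1>"


def reflects_unescaped(page_html, probe=PROBE):
    """Scanner-style check: True if the probe came back with its special
    characters intact, i.e. the parameter is reflected without encoding."""
    return probe in page_html


def scan_handler(render):
    """Drive a page-rendering function with the probe and classify it."""
    if reflects_unescaped(render(PROBE)):
        return "reflected unescaped"
    return "encoded"


if __name__ == "__main__":
    for name, handler in (("vulnerable", render_search_vulnerable),
                          ("safe", render_search_safe)):
        print(name, "->", scan_handler(handler))
```

In a real scan the handler is an HTTP request and the response body is searched for the probe; the classification logic is the same.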

Broken Authentication using SQL Injection

Authentication and session management includes all aspects of handling user authentication and managing active sessions. Authentication is a critical aspect of this process, but even solid authentication mechanisms can be undermined by flawed credential management functions, including password change, forgot my password, remember my password, account update, and other related functions. Because "walk by" attacks are likely for many web applications, all account management functions should require reauthentication even if the user has a valid session id.

Autocomplete Enabled on Password Fields

Browsers will sometimes ask users whether they wish to remember the password they just entered. The browser then stores the password and enters it automatically whenever the same authentication portal is visited. This is a convenience for the user. autocomplete is an HTML attribute on form and input elements that tells the browser not to auto-complete the field.
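The check below is an added example of how a scanner can test for this, not code from this application. It parses a page with the standard-library HTMLParser and lists every password input that neither carries autocomplete="off" (or "new-password") itself nor sits inside a form that sets it. The sample page is constructed for the example. One caveat for grading the finding: current browsers largely ignore autocomplete="off" on login password fields in favour of their own password manager, so this is a low-severity, defence-in-depth item.

```python
from html.parser import HTMLParser

# Values that disable autofill for a password field.
DISABLED_VALUES = ("off", "new-password")


class PasswordFieldAuditor(HTMLParser):
    """Collects names of password inputs that allow browser autocompletion."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._form_autocomplete = None  # autocomplete value of the open <form>

    def handle_starttag(self, tag, attrs):
        # Attribute values can be None for bare attributes such as <input disabled>.
        a = {k.lower(): (v or "").strip().lower() for k, v in attrs}
        if tag == "form":
            self._form_autocomplete = a.get("autocomplete")
        elif tag == "input" and a.get("type") == "password":
            # An attribute on the input overrides the form-level setting.
            effective = a.get("autocomplete", self._form_autocomplete)
            if effective not in DISABLED_VALUES:
                self.findings.append(a.get("name") or a.get("id") or "<unnamed>")

    def handle_endtag(self, tag):
        if tag == "form":
            self._form_autocomplete = None


def password_fields_with_autocomplete(page_html):
    """Return the names of password fields on the page that lack a disabling
    autocomplete setting (directly or via their enclosing form)."""
    auditor = PasswordFieldAuditor()
    auditor.feed(page_html)
    auditor.close()
    return auditor.findings


# Constructed sample page: three forms, only the first is a finding.
SAMPLE_PAGE = """
<form action="/login" method="post">
  <input type="text" name="user">
  <input type="password" name="password">
</form>
<form action="/change" method="post" autocomplete="off">
  <input type="password" name="new_pw">
</form>
<form action="/reset" method="post">
  <input type="PASSWORD" id="confirm" autocomplete="new-password">
</form>
"""

if __name__ == "__main__":
    print(password_fields_with_autocomplete(SAMPLE_PAGE))
```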