cyberdynesecurity/smartsecurityscan

Smart Security Scan PHP library for API communication

v1.0.5 2017-04-25 05:39 UTC

This package is not auto-updated.

Last update: 2025-06-22 05:44:59 UTC


README


Smart Security Scan is an online pen-test / security scan platform with customizable scan packages and white-labeling. You can create your own scan packages or use the already implemented packages.

You can integrate our scan platform into your business application by using our API. Make sure you request an API access token.

Scan areas

  • SSL Test
  • TCP/UDP Open ports
  • TCP/UDP Running services
  • TCP/UDP Service vulnerabilities
  • Malware scan
  • Information disclosure
  • Server misconfiguration
  • PHPInfo() Pages Accessible and PHPInfo() Disclosure in other Pages
  • CVS, GIT and SVN Information and Source Code Disclosure
  • XSS Protection Disabled
  • Apache Server-Status and Apache Server-Info pages Accessible
  • TRACE / TRACK Method Support Enabled
  • Sensitive Files Accessible
  • E-mail Address Disclosure
  • Directory Listing
  • Version Disclosure
  • Internal Path Disclosure
  • Database Error Message Disclosure
  • Application Source Code Disclosure
  • Web application vulnerability
  • Application security
  • Network security
  • Network scan
  • Server configuration
  • Shodan
  • OWASP / OWASP top 10

Techniques

  • SQL Injection
  • XSS (Cross-site Scripting)
  • DOM XSS
  • Command Injection
  • Blind Command Injection
  • LFI (Local File Inclusion) & Arbitrary File Reading
  • Remote File Inclusion
  • Remote Code Injection / Evaluation
  • CRLF / HTTP Header Injection / Response Splitting
  • Open Redirection
  • Frame Injection
  • Database User has Admin Privileges
  • Vulnerability Database (Inferred vulnerabilities)
  • ASP.NET ViewState Vulnerabilities
  • ViewState is not Signed
  • ViewState is not Encrypted
  • Hidden Resources Accessible
  • Crossdomain.xml File Vulnerable
  • Robots.txt File Vulnerable
  • Google Sitemap Vulnerable
  • Silverlight Client Access Policy File Vulnerable
  • Insecure Authentication Scheme Used Over HTTP
  • Password Transmitted over HTTP
  • Authentication Obtained by Brute Forcing
  • Basic Authentication Obtained over HTTP
  • Weak Credentials
  • Access Denied Resources
  • Cookies are not Marked as Secure
  • Cookies are not Marked as HTTPOnly
  • OWASP / OWASP top 10

Information gathering

  • Network Security
  • Web Application Security
  • Security scan
  • Vulnerability scan
  • Penetration Testing
  • SSL Test

Scan multiple targets with different settings and pay automatically with your credits. You can buy 1 or multiple credit packs.

Combine multiple scan commands to create your own package. Schedule your pentest on a monthly or even daily basis.

Receive your scan report by e-mail or download the PDF version from your dashboard.