Home Platform updates An enhanced version of our Website Vulnerability Scanner

An enhanced version of our Website Vulnerability Scanner

by Ioana Rijnetu

Reading time

< 1

Reading Time: < 1 minute

To check the security of a web application or server, you need an automated scanner to save time spent on manual work.

Our Website Vulnerability Scanner does that and much more (including detecting widespread vulnerabilities like Log4Shell)! 

We’ve worked on improving the current version of the website scanner by adding new capabilities. To achieve that, our team created a custom scanning engine built on top of the free OWASP ZAP tool.

Scan your site for vulns

Here are the improvements added on top of the old website scanner (Nikto-based):

  • Perform authenticated scans (cookie-based method)
  • Spider the website and index up to 500 URLs and parameters
  • Actively scan for SQLi, XSS, File Inclusion, and OS command injection
  • Include the tests of the quick scanner to get a unified, centralized report
  • Check for outdated JavaScript libraries that could expose your website (web application) to threats
  • Include ZAP’s passive tests that detect various server configuration issues.

Important note for API users:

Please use the option scan_type=full_new to start a new web vulnerability scan and check the capabilities of our new scanner.

We still kept the old scanning engine (Nikto-based) as a separate option in the user interface, but we intend to remove it sometime soon (and port some of its functionality to the new scanner).

Try the enhanced version of our Website vulnerability scanner and test your web app security to quickly identify vulnerabilities.

Related Posts

Pentest-tools.com platform updates April 2022

April updates: Get RCE evidence for 6 critical CVEs

Pentest-Tools.com product updates March 2022

March updates: Spring4Shell: find and confirm exploitable targets and more updates



Subscribe to our Platform Updates

Please select how you would like to hear from Pentest-Tools.com:

Unsubscribe any time by clicking the link in the footer of our emails.
For information about our privacy practices, please visit https://pentest-tools.com/.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing.
Learn more about Mailchimp's privacy practices here.

View previous campaigns.