Platform updates

An enhanced version of our Website Vulnerability Scanner

Publisher
Pentest-Tools.com
Updated at
Article tags

To check the security of a web application or server, you need an automated scanner to save time spent on manual work.

Our Website Vulnerability Scanner does that and much more (including detecting widespread vulnerabilities like Log4Shell)! 

We’ve worked on improving the current version of the website scanner by adding new capabilities. To achieve that, our team created a custom scanning engine built on top of the free OWASP ZAP tool.

Scan your site for vulns

Here are the improvements added on top of the old website scanner (Nikto-based):

  • Perform authenticated scans (cookie-based method)

  • Spider the website and index up to 500 URLs and parameters

  • Actively scan for SQLi, XSS, File Inclusion, and OS command injection

  • Include the tests of the quick scanner to get a unified, centralized report

  • Check for outdated JavaScript libraries that could expose your website (web application) to threats

  • Include ZAP’s passive tests that detect various server configuration issues.

How to Perform Authenticated Website Scans with Pentest-Tools.com

Important note for API users:

Please use the option scantype=fullnew to start a new web vulnerability scan and check the capabilities of our new scanner.

We still kept the old scanning engine (Nikto-based) as a separate option in the user interface, but we intend to remove it sometime soon (and port some of its functionality to the new scanner).

Try the enhanced version of our Website vulnerability scanner and test your web app security to quickly identify vulnerabilities.

Get fresh security research

In your inbox. (No fluff. Actionable stuff only.)

I can see your vulns image

Discover our ethical hacking toolkit and all the free tools you can use!

Create free account

Footer

© 2013-2025 Pentest-Tools.com

Deloitte Fast 500 EMEA 2023

One of EMEA's fastest-growing tech companies.

Recognized by Deloitte in their Fast 500 EMEA 2023 for sustained financial growth and impact.

48,000+ security folks are here. Are you?

Follow us on LinkedIn for practical offensive security tips, guides, and real talk.

More than demos - real faces, real insight.

Subscribe on Youtube to see our team demo the product, build PoCs, and share what drives us.

G2 x Gartner

Security leaders trust what they can prove

See why they choose accurate results, time-saving automation, and clear reporting on Gartner Peer Reviews and G2.