Platform updates

[New scanners] Find Associated Domains, Password Auditor, and 2 more new tools

Updated at

Vulnerability scanners are essential tools for penetration testers who need to assess the security of their servers, sites, or networks.

That’s why we focus on adding new scanners on to help our customers discover critical security flaws quickly and effectively. 

Here are 4 new dedicated scanners we added in the current update:

1. Find Associated Domains in one click

Identifying all the domains and associated domains of a target is an essential step in the information-gathering phase of a pentest.

With our new Find Associated Domains scanner, you can discover a target’s associated domains in a single click!

Here’s what a Find Associated Domains sample report looks like:

Map your attack surface to quickly detect vulnerable systems and reduce your target’s exposure to cyber-attacks!

Try the new scanner

2. Discover weak credentials with Password Auditor

A single weak password could expose your entire network and lead to serious security threats!

Password Auditor is another scanner we added to the platform. It enables you to automatically discover weak and default passwords in various network services (e.g. SSH, FTP, MySQL) or web pages (web forms).

Check out this sample report of the Password Auditor scanner results:

Use the Password Auditor tool to automate previously manual work using tools like Medusa, Hydra, or Ncrack and quickly detect services that require authentication (login form). Learn more about performing authenticated scans with in our dedicated blog article.

Scan for weak passwords

3. Confirm SQL Injection with the SQLi Exploiter scanner

SQLi Exploiter with SQLMap is another dedicated scanner we added on the platform.

The tool enables security specialists to easily exploit SQL Injection vulnerabilities and extract information from the database using the popular SQLMap tool.

The scanner report includes information about the vulnerable parameters, the SQL Injection method type, the payload, and other details you need to demonstrate the security risks.

Here’s what the SQLi Exploiter sample report looks like:

Save time and report the SQL injection vulnerabilities with our SQLi Exploiter scanner!

Try the SQLi Exploiter scanner

4. Create PoC scenarios with the XSS Exploiter

The XSS Exploiter is the last dedicated scanner we added on

The tool helps users create trustworthy proof-of-concept scenarios and easily demonstrate the risk of Cross-Site Scripting attacks.

Try the XSS Exploiter 

The tool generates a custom JavaScript file that you include as a payload in the XSS attack to gather information about users and measure the security awareness of your organization.

Here’s what data the XSS Exploiter sample includes:

Use this free tutorial about 5 XSS scenarios to learn how to simulate XSS exploits and prove the real business impact of these attacks.

Show your customers how easy it is to exploit the XSS vulnerability found in the web application by simulating XSS attack scenarios with the XSS Exploit tool.

Get fresh security research

In your inbox. (No fluff. Actionable stuff only.)

I can see your vulns image

Related articles

Discover our ethical hacking toolkit and all the free tools you can use!

Create free account


© 2013-2024 has a LinkedIn account it's very active on

Join over 45,000 security specialists to discuss career challenges, get pentesting guides and tips, and learn from your peers. Follow us on LinkedIn! has a YouTube account where you can find tutorials and useful videos

Expert pentesters share their best tips on our Youtube channel. Subscribe to get practical penetration testing tutorials and demos to build your own PoCs!

G2 award badge recognized as a Leader in G2’s Spring 2023 Grid® Report for Penetration Testing Software. Discover why security and IT pros worldwide use the platform to streamline their penetration and security testing workflow.

OWASP logo is a Corporate Member of OWASP (The Open Web Application Security Project). We share their mission to use, strengthen, and advocate for secure coding standards into every piece of software we develop.