SharePoint Security Scanner

Find vulnerabilities in internet-facing SharePoint installations

Sample Report

Here is a SharePoint Security Scanner sample report:

  • Includes the SharePoint components with incorrect permissions
  • Includes details of SharePoint users (when they can be extracted)
  • Shows the SharePoint version installed and web server information
  • Analyzes the HTTP server headers and the SharePoint information leaked

SharePoint Security Scanner - Use Cases

Discover various security weaknesses and vulnerabilities in web applications built on top of Microsoft SharePoint and FrontPage.

SharePoint Penetration Testing

The scanner lets you speed up your penetration test because it is already installed, configured and ready to go. Quickly discover incorrect SharePoint permissions, exposed web services, version numbers, user enumeration and more.

Self-Security Assessment

Check if your own installation of SharePoint is updated and properly configured. Enumerate the existing permissions on sensitive _layouts, _catalogs and forms. Check if user enumeration is possible.

Third-Party Website Audit

If you are a web development company, you can also show this report to your clients and prove that you have implemented the proper security measures in the SharePoint application.

Technical Details


List of tests performed

The following tests are done every time the scanner runs:
  • Gather information about the SharePoint version installed
  • Analyze SharePoint configuration settings
  • Verify public exposure of SharePoint web services
  • Attempt user enumeration
  • Check permissions on default SharePoint _layouts, _catalogs, and forms
  • Find public information (indexed by Google) about the target

The SharePoint security assessment is performed remotely, in a black-box manner. The results of the scan should be interpreted from the perspective of an anonymous user who accesses the target website.


Parameter | Description
Target URL | This is the URL of the SharePoint website that will be scanned. All URLs must start with 'http' or 'https'.

How it works

The scanner connects to the target SharePoint server and tries to retrieve certain default pages whose availability indicates the weaknesses listed above. The HTTP response headers received from the server are also analyzed to find security issues.
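
The header analysis described above can be reproduced offline against a response head saved from your own server. The following is an added example, not the scanner's code: the header names, the build-to-generation mapping and the sample response are assumptions that do not appear on this page.

```python
# Added example: audit the response headers your own SharePoint server emits.
from email.parser import Parser

# Constructed sample response head (not captured from a real server).
SAMPLE = """HTTP/1.1 200 OK
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
MicrosoftSharePointTeamServices: 16.0.0.10337
X-SharePointHealthScore: 0
SPRequestGuid: 00000000-0000-0000-0000-000000000000
X-Content-Type-Options: nosniff
"""

# Headers that disclose product or version details to anonymous clients.
LEAKY = ("Server", "X-Powered-By", "X-AspNet-Version",
         "MicrosoftSharePointTeamServices", "X-SharePointHealthScore")
# Hardening headers whose absence is worth reporting.
EXPECTED = ("X-Content-Type-Options", "X-Frame-Options",
            "Strict-Transport-Security")
# Major build number -> product generation (assumed mapping).
GENERATIONS = {"12": "SharePoint 2007", "14": "SharePoint 2010",
               "15": "SharePoint 2013", "16": "SharePoint 2016 or later"}

def parse_head(raw):
    """Split a raw response head into (status line, header mapping)."""
    status, _, rest = raw.strip().partition("\n")
    return status.strip(), Parser().parsestr(rest, headersonly=True)

def audit(raw):
    """Return disclosed headers, missing hardening headers, and generation."""
    _, headers = parse_head(raw)
    leaked = {h: headers[h] for h in LEAKY if headers[h] is not None}
    missing = [h for h in EXPECTED if headers[h] is None]
    build = leaked.get("MicrosoftSharePointTeamServices", "")
    generation = GENERATIONS.get(build.split(".")[0], "unknown")
    return {"leaked": leaked, "missing": missing, "generation": generation}

if __name__ == "__main__":
    report = audit(SAMPLE)
    for name, value in report["leaked"].items():
        print(f"discloses  {name}: {value}")
    for name in report["missing"]:
        print(f"missing    {name}")
    print("generation:", report["generation"])
```

Each disclosed header is a candidate for removal or rewriting at the web server or reverse proxy, and each missing header is a candidate for addition.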