Sample Report

This is the URL of the SharePoint installation that will be scanned for security weaknesses.

About the SharePoint Security Scanner

Finds various security weaknesses in web applications using SharePoint and FrontPage architecture.

List of tests performed

Gather information about the SharePoint version installed
Analyze SharePoint configuration settings
Public exposure of SharePoint web services
User enumeration
Permissions on default SharePoint _layouts, _catalogs and forms
Finds public information (indexed by Google) about the target

The SharePoint security assessment is performed remotely, in a black-box manner. The results of the scan should be interpreted from the perspective of an anonymous user who accesses the target website.


  • Target URL: This is the url of the SharePoint website that will be scanned. All urls must start with http or https.

How it works

The scanner connects to the target SharePoint server and tries to retrieve certain default pages that indicate the presence of the mentioned weaknesses.
Furthermore, the HTTP response headers received from the server are also analyzed to find security issues.