SharePoint Security Scanner
About this tool
Discover various security weaknesses and vulnerabilities in web applications built on top of Microsoft SharePoint and FrontPage.
List of tests performed
The following tests are done every time the scanner runs:
Gather information about the SharePoint version installed
Analyze SharePoint configuration settings
Verify public exposure of SharePoint web services
Attempt user enumeration
Check permissions on default SharePoint _layouts, _catalogs, and forms
Find public information (indexed by Google) about the target
The SharePoint security assessment is performed remotely, in a black-box manner. The results of the scan should be interpreted from the perspective of an anonymous user who accesses the target website.
Parameters
Target URL: This is the URL of the SharePoint website that will be scanned. All URLs must start with 'http' or 'https'.
How it works
The scanner connects to the target SharePoint server and tries to retrieve certain default pages that indicate the presence of the mentioned vulnerabilities.
The HTTP response headers received from the server are also analyzed to find security issues.
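The header analysis described above can be reproduced against your own server's responses. The following is an added example, not the scanner's code: the header lists, the release mapping and the sample response are assumptions chosen for illustration, and the sample is constructed.

```python
import re

# Headers that reveal product or version details. This list and the hardening
# list below are assumptions for the example, not the scanner's own checks.
DISCLOSURE_HEADERS = ("MicrosoftSharePointTeamServices", "X-SharePointHealthScore",
                      "X-AspNet-Version", "X-Powered-By", "Server")
EXPECTED_HEADERS = ("X-Frame-Options", "X-Content-Type-Options",
                    "Strict-Transport-Security")
# Major build number in MicrosoftSharePointTeamServices -> product release.
RELEASES = {"12": "2007", "14": "2010", "15": "2013", "16": "2016 or later"}

# Constructed sample response head (not captured from a real server).
SAMPLE = """HTTP/1.1 200 OK
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
MicrosoftSharePointTeamServices: 15.0.0.4420
X-SharePointHealthScore: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
"""

def parse_headers(raw):
    """Parse a raw HTTP response head into a dict keyed by lower-cased name."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def sharepoint_release(headers):
    """Map the advertised build number to a release, or None if not advertised."""
    build = headers.get("microsoftsharepointteamservices", "")
    return RELEASES.get(build.split(".")[0])

def audit(raw):
    """Return (kind, header, value) findings for one response head."""
    headers = parse_headers(raw)
    findings = []
    for name in DISCLOSURE_HEADERS:
        value = headers.get(name.lower())
        if value is not None:
            # A dotted number means an exact version is exposed to anonymous users.
            kind = "version-disclosure" if re.search(r"\d+\.\d+", value) else "product-disclosure"
            findings.append((kind, name, value))
    findings += [("missing-header", n, None) for n in EXPECTED_HEADERS if n.lower() not in headers]
    return findings

if __name__ == "__main__":
    print(sharepoint_release(parse_headers(SAMPLE)), audit(SAMPLE))
```

Each version-disclosure finding is a header that can be removed or rewritten at the web server or reverse proxy so that anonymous responses no longer reveal the build.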