Website Vulnerability Scanner

Scan type

The Website Vulnerability Scanner is a highly-accurate vulnerability scanning solution, battle-tested in real life penetration testing engagements.

Quickly detect XSS, SQL injection, Command injection, XXE and other critical issues - automatically validated to eliminate false positives.

A powerful Website Scanner for all web applications

Part of the pentesting arsenal, the Website Vulnerability Scanner is a custom web application scanner that our team of security researchers and engineers developed from scratch.

Designed to be both powerful and easy to use, the scanner accommodates the needs of both security teams and application security professionals.

Powerful Website scanner report
Built by penetration testers illustration

Built by penetration testers

The team behind the Website Vulnerability Scanner has a proven hands-on experience in penetration testing engagements and other offensive security work. This is why we designed the scanner to mimic attackers’ real tactics and focus on realistic, exploitable issues rather than ticking boxes. Furthermore, we battle-test the scanner every day in the security testing work performed by our professional services team.

Low false positives rate illustration

Low false positives rate

We’re constantly fine-tuning the scanner to produce highly accurate results so you don’t waste precious time with manual validation. The Website Vulnerability Scanner does automatic finding validation, applying a Confirmed label when the tool is confident the vulnerability is there.

Scan JavaScript-heavy websites illustration

Scan JavaScript-heavy websites

The Website Vulnerability Scanner uses a powerful browser-based crawler to scan Single Page Applications (SPAs) and other JavaScript-heavy websites fast and accurately. This approach ensures great attack surface coverage and sets the ground for a high vulnerability detection rate.

Authenticated scanning illustration

Authenticated scanning

You can also use the Website Vulnerability Scanner to scan behind login pages and uncover vulnerabilities as an authenticated user. The tool offers multiple authentication methods such as username/password, custom headers, cookies, and recorded login sessions.

Out-of-band detection illustration

Out-of-band detection

Besides classic web application vulnerabilities which show up immediately in the HTTP responses, there are also those which don’t appear in response pages. But, because they produce out-of-band requests to our logging servers, we are able to detect them this way.

High-quality reports illustration

High-quality reports

Our customers love the reports of the Website Vulnerability Scanner because they include relevant findings explained in a friendly language. There’s also enough evidence and information to help you reproduce and manually validate the finding, plus detailed remediation recommendations.

Website scanner intro

Web app scanning with the Website Vulnerability Scanner

Latest scanner updates

Our well-loved Website Vulnerability Scanner also got updates, as it does every single month:

  • SSTI code context - we've improved the capabilities of our Server Side Template Injection detector by adding payloads that work in code context.

  • JWT phase 2 - And we've finished the second part of our JWT detector by adding payloads that work in code context. It can now detect: Weak HMAC Secrets and Algorithm Confusion issues.

Sample Website Vulnerability Scanner report

This sample report from our scanner shows the main sections it includes, the look and feel, plus the level of detail for the findings.

  • This section provides a helpful overview of the findings and a visual representation of risk levels across all identified vulnerabilities.

    Vulnerability summary preview

How does the Website Vulnerability Scanner work?

The Website Vulnerability Scanner is a DAST (Dynamic Application Security Testing) tool which tries to discover vulnerabilities like XSS, SQL injection, HTTP Prototype Pollution, Directory Traversal, and more in running web applications.

The scanner interacts with the target application by sending numerous HTTP requests with specific payloads. If the application is vulnerable, these payloads will determine the code to behave abnormally, informing the scanner that a vulnerability exists.

Use this tool from your command line interface

If you prefer it, we also provide a CLI version of our Website Vulnerability Scanner. Through the CLI, you can run Light scans against your web apps and start gathering insights for your next move.

  • 1. Installation

    curl -s -o /tmp/
    unzip /tmp/ -d /tmp/ptt
    chmod +x /tmp/ptt/main
    sudo mv /tmp/ptt/main /usr/local/bin/ptt

    If you have docker or pip installed, you can use them to get ptt-scan:

    docker run --rm -it pentesttoolscom/ptt-scan:latest run website_scanner

    2. Usage

    Quickstart: Run the following command in your terminal/command line to find the vulnerabilities of your website.

    ptt run website_scanner <target_url>

    You can learn more options with the -h flag:

    ptt -h

It's really easy to scan your web application for vulnerabilities

No setup required

Being a cloud-based scanner, it just works out of the box. There’s no need to install anything on your end to scan public-facing web applications. Just create an account and start scanning.


It’s a really good idea to scan your web applications periodically since new vulnerabilities appear every day. With, you can schedule daily, weekly, monthly or quarterly scans against your web apps and automatically get reports via email or other channels when risks emerge.

API access

Many of our customers prefer to trigger scans programmatically, through our REST API. This lets you integrate our scanner with your internal processes (CI/CD, data sources, custom applications) and reduces manual scanning work.

Internal scanning

You can also use the Website Vulnerability Scanner to detect vulnerabilities in applications hosted on internal networks, intranets, private clouds, or restricted network segments. A quick and easy VPN Agent setup routes the traffic from our servers to your internal network and gets you ready to scan.


We know your security team loves their tools. So, we made sure ours plays nicely with favorites like Jira, Slack, Email, and Webhooks. Just set your rules and get your results automatically on any of these platforms when the scans are done.

Customer reviews is my team's first go-to solution. Anytime we are preparing to deploy a new version of our software, we run many tools to monitor and secure our environment, but the simplicity and ease we have with to run network and web server scans to highlight issues is unmatched.

Michael Dornan Linkedin profile

Michael Dornan

CEO at Tili Group

Israel 🇮🇱

Testimonial author: Michael Dornan

Common questions about web vulnerability scanning

A web vulnerability scanner is a specialized software tool designed to automatically identify security flaws within web applications. A reliable, robust website security scanner should be able to mimic real attacker tactics and identify realistic, exploitable security issues.

Our Website Vulnerability Scanner is a robust example of this type of tool, offering a comprehensive scan that identifies threats and also validates them to reduce false positives.

It works by interacting with the target application, sending a series of HTTP requests with specific payloads, and analyzing the responses to detect potential vulnerabilities such as Cross-Site Scripting (XSS), SQL injection, and other pressing security issues and misconfigurations.

Ready for your next step? Try these tools