105 specialized auditors covering databases, web servers, network protocols, ICS/SCADA, cloud infrastructure, and more.
Ransomware Exposure Dashboard
Kill-chain scoring, attack chain simulation, one-click hardening
Deep MySQL/MariaDB security assessment — authentication, privileges, replication, query injection vectors, and configuration hardening
Comprehensive PostgreSQL security scan — roles, extensions, row-level security, pg_hba.conf analysis, and connection encryption
Microsoft SQL Server assessment — SA account, xp_cmdshell, linked servers, encryption, and CLR assembly risks
Oracle Database security checks — TNS listener, default accounts, audit trails, and privilege escalation paths
MongoDB security assessment — authentication bypass, BSON injection, replica set security, and access control validation
Redis security scan — unauthenticated access, dangerous commands, RDB/AOF exposure, and Lua script risks
Extended Redis analysis — cluster security, sentinel configuration, ACL validation, memory analysis, and keyspace enumeration
Elasticsearch cluster security — anonymous access, index permissions, snapshot exposure, and X-Pack configuration
CouchDB security assessment — admin party mode, replication security, attachment handling, and view function injection
Apache Cassandra security scan — authentication, inter-node encryption, role management, and CQL injection checks
Neo4j graph database audit — Bolt protocol security, Cypher injection, APOC procedures, and browser console exposure
InfluxDB time-series audit — token management, bucket permissions, Flux query injection, and retention policy review
ClickHouse analytics DB scan — HTTP interface exposure, user profile limits, dictionary security, and query complexity
IBM DB2 security assessment — instance configuration, SYSADM authority, audit policies, and DRDA protocol checks
Memcached security scan — UDP amplification risk, SASL authentication, stats exposure, and binary protocol analysis
Solr search platform audit — admin UI exposure, config API access, velocity template injection, and core enumeration
Apache web server audit — mod_status exposure, directory traversal, .htaccess bypass, and SSL/TLS configuration
Nginx security assessment — misconfigurations, alias traversal, stub_status exposure, and upstream proxy issues
Apache Tomcat security scan — manager app exposure, default credentials, AJP Ghostcat, and deployment vulnerabilities
HAProxy load balancer audit — stats page exposure, ACL bypass, stick-table leaks, and health check manipulation
HTTP/2 protocol security analysis — HPACK bombing, stream multiplexing abuse, priority manipulation, and rapid reset
General HTTP security scan — header analysis, method enumeration, cookie flags, CORS policy, and security headers
phpMyAdmin security check — version detection, default credentials, configuration exposure, and setup script access
Webmin control panel audit — authentication bypass, RCE vulnerabilities, module security, and session management
cPanel/WHM security assessment — API token exposure, two-factor status, Tweak Settings review, and privilege escalation
Proxy server security scan — open relay detection, SSRF via proxy, cache poisoning, and header injection through proxies
Apache Kafka security audit — broker authentication, topic ACLs, consumer group hijacking, and ZooKeeper integration risks
RabbitMQ security scan — management UI exposure, default guest account, exchange/queue permissions, and shovel plugin risks
Apache ActiveMQ audit — web console access, JMX exposure, deserialization vulnerabilities, and STOMP protocol security
MQTT broker security assessment — anonymous subscriptions, topic wildcards, ACL enforcement, and TLS certificate validation
Docker daemon security scan — exposed API, privileged containers, image vulnerabilities, and namespace/cgroup configuration
Kubernetes API/kubelet security assessment — RBAC misconfigurations, anonymous auth, etcd exposure, and pod security policies
HashiCorp Consul security audit — ACL token management, service mesh mTLS, gossip encryption, and KV store access control
etcd key-value store security — client authentication, peer encryption, role-based access, and snapshot exposure
Apache ZooKeeper security scan — four-letter command exposure, SASL authentication, ACL enforcement, and snapshot security
HashiCorp Vault security assessment — seal status, auth method configuration, policy review, and secret engine security
Prometheus monitoring security — exposed metrics, federation endpoint, remote write/read, and Alertmanager configuration
Grafana dashboard security scan — default admin credentials, API key management, LDAP integration, and data source exposure
Kibana dashboard security audit — unauthenticated access, saved object exposure, console API risks, and reporting security
Logstash pipeline security — input plugin exposure, codec injection, persistent queue access, and monitoring API security
Jenkins CI/CD security scan — script console access, build secrets exposure, plugin vulnerabilities, and agent security
Docker/Podman runtime deep audit — container isolation, capability leaks, mount exposure, and image vulnerability analysis
DNS server security assessment — zone transfer attempts, cache poisoning risk, DNSSEC validation, and recursion exposure
DNS zone configuration audit — record validation, SPF/DKIM/DMARC analysis, dangling CNAMEs, and subdomain takeover risks
SMTP mail server security — open relay testing, STARTTLS enforcement, SPF alignment, and user enumeration via VRFY/EXPN
FTP server security scan — anonymous access, cleartext credentials, directory traversal, and bounce attack susceptibility
SSH server security assessment — algorithm strength, key exchange analysis, banner information leakage, and brute-force resistance
SNMP security scan — community string brute-force, v1/v2c plaintext risks, MIB walking, and SNMPv3 authentication validation
LDAP directory security — anonymous bind, null base search, password policy enforcement, and StartTLS configuration
NTP server security assessment — monlist amplification, mode 6 queries, authentication status, and time source validation
Telnet service security check — cleartext protocol risks, banner grabbing, environment variable injection, and authentication bypass
TFTP server security scan — unauthenticated file access, directory traversal, configuration file extraction, and write access testing
Syslog service audit — UDP message injection, TCP/TLS transport security, message format validation, and facility/severity analysis
IMAP mail server security — STARTTLS enforcement, AUTHENTICATE command analysis, mailbox enumeration, and IDLE command abuse
IPv6 exposure audit — dual-stack firewall gaps, RA guard bypass, IPv6 tunnel detection, and unmonitored address space
Active Directory security assessment — GPO analysis, Kerberoasting targets, AS-REP roasting, and privilege escalation paths
Kerberos protocol security — ticket validation, delegation configuration, encryption type analysis, and pre-auth requirements
RADIUS authentication security — shared secret strength, EAP method analysis, accounting integrity, and proxy chain validation
Cloud metadata service audit — IMDS v1/v2, instance role permissions, user-data exposure, and SSRF to metadata risks
Cloud storage security — S3/Azure Blob/GCS bucket permissions, public access, versioning, encryption, and lifecycle policies
MinIO object storage security — API endpoint exposure, policy misconfigurations, console access, and bucket notification leaks
NFS file share security — export permissions, showmount enumeration, UID/GID mapping, and NFSv4 ACL validation
Remote Desktop Protocol security — NLA enforcement, CredSSP configuration, encryption level, and BlueKeep vulnerability check
VNC server security scan — authentication type, encryption status, clipboard exposure, and version-specific vulnerabilities
Windows Remote Management audit — HTTP/HTTPS transport, authentication methods, session encryption, and firewall rules
IKE/IPsec VPN security — aggressive mode, PSK brute-force susceptibility, transform enumeration, and dead peer detection
PPTP VPN security assessment — MS-CHAPv2 weakness, GRE tunnel analysis, encryption negotiation, and known vulnerability checks
OpenVPN configuration audit — cipher strength, certificate validation, tls-auth/tls-crypt, and management interface exposure
WireGuard VPN security scan — key management, allowed-IPs configuration, endpoint exposure, and handshake analysis
SSL VPN gateway security — endpoint exposure, authentication bypass, session management, and known CVE detection
Siemens S7 PLC security — CPU access protection, communication integrity, program upload/download, and rack/slot enumeration
DNP3 SCADA protocol audit — unsolicited response handling, authentication bypass, broadcast message abuse, and data integrity
Modbus protocol security — function code scanning, coil/register enumeration, device identification, and write operation testing
BACnet building automation audit — device enumeration, object property reading, write access testing, and network broadcast analysis
OPC UA industrial protocol security — endpoint discovery, security policy analysis, certificate validation, and session management
CoAP IoT protocol security — resource discovery, DTLS configuration, observe notification abuse, and block-wise transfer analysis
SMB/CIFS file sharing security — share enumeration, null session access, signing enforcement, and EternalBlue vulnerability checks
Rsync service security scan — anonymous module listing, file exfiltration, path traversal, and daemon authentication analysis
Subversion server security — repository listing, authentication bypass, svnserve configuration, and commit access control
Git protocol security scan — exposed .git directories, repository enumeration, hook injection, and smart HTTP access control
Sun RPC portmapper security — service enumeration, NFS mount discovery, NIS domain mapping, and rpcbind bypass attempts
SIP VoIP security assessment — registration hijacking, INVITE flooding, call interception, and authentication challenge analysis
XMPP/Jabber security scan — server-to-server dialback, STARTTLS enforcement, in-band registration, and roster privacy
RTSP streaming protocol audit — unauthenticated stream access, method enumeration, teardown abuse, and media URI discovery
Multicast DNS security — service discovery exposure, hostname enumeration, cache poisoning risk, and network reconnaissance
SSDP/UPnP security scan — device discovery, amplification risk, XML parsing vulnerabilities, and IGD port mapping exposure
Network printer security — PJL/PCL command injection, SNMP configuration, web interface exposure, and print job interception
IPMI baseboard management audit — cipher zero vulnerability, authentication bypass, user enumeration, and SOL session risks
CUPS print server security — web admin exposure, printer sharing ACLs, subscription notification abuse, and IPP protocol risks
TLS/SSL certificate and protocol analysis — cipher suites, certificate chain, HSTS enforcement, and known vulnerability checks
X.509 certificate audit — expiration tracking, key strength, SAN validation, CT log monitoring, and revocation status
Web Application Firewall detection — fingerprinting, bypass technique testing, rule coverage analysis, and evasion vector discovery
Multi-database baseline security check — port scanning, banner analysis, default credential testing, and TLS enforcement
Web shell and backdoor detection — file signature scanning, obfuscated code patterns, and unauthorized script identification
Local firewall configuration audit — iptables, nftables, ufw rule analysis, default policy enforcement, and zone inspection
Linux kernel sysctl security parameters — network stack hardening, memory protections, and execution restrictions
User account security — password policy, empty passwords, UID 0 accounts, shell assignments, and account expiration
Sudoers file security — NOPASSWD entries, wildcard abuse, path injection, and privilege escalation via sudo misconfigurations
SSH daemon hardening — root login, password auth, key algorithms, protocol version, and forwarding restrictions
Credential exposure scan — API keys, passwords, tokens, private keys, and secrets in config files and environment variables
Crontab security — world-writable scripts, PATH manipulation, wildcard injection, and unauthorized scheduled tasks
Systemd unit file security — sandboxing directives, capability restrictions, and service hardening assessment
Log infrastructure audit — log integrity, rotation policy, remote logging, and audit trail completeness
SUID/SGID binary audit — unexpected setuid files, package integrity, and world-writable executables
Detect 10+ Linux persistence mechanisms — cron, systemd, init.d, bashrc, authorized_keys, and kernel modules
PAM configuration audit — authentication module chain, faillock settings, password quality, and session restrictions
CPU security flags audit — AES-NI, SGX, SMEP/SMAP, NX bit, Spectre/Meltdown mitigations, and microcode version
Memory protection audit — ASLR, kptr_restrict, BPF restrictions, ptrace scope, kernel lockdown, and swap encryption
Boot security audit — UEFI Secure Boot, firmware age, IOMMU/VT-d, kernel module signing, and GRUB password protection
Filesystem mount audit — nosuid/noexec/nodev on /tmp and /dev/shm, LUKS encryption, hidepid, and sticky bit checks
Active network state audit — wildcard listeners, promiscuous interfaces, IP forwarding, SYN cookies, and reverse path filtering
SMART disk health assessment — overall health, reallocated sectors, temperature, SSD wear level, and power-on hours
Windows registry security settings — UAC enforcement, LSASS protection, SMB hardening, and Defender configuration review
Credential exposure assessment — unattend.xml secrets, GPP cpassword, saved credentials, LAPS configuration, and cached logons
Privilege escalation surface — unquoted service paths, DLL hijacking, AlwaysInstallElevated, UAC bypass vectors, and token impersonation
Service security audit — dangerous running services, Print Spooler exposure, WinRM configuration, and service account privileges
Firewall profile analysis — domain/private/public rules, logging configuration, RDP exposure, and public port risk assessment
Audit policy review — security event logging, PowerShell transcription/ScriptBlock, Sysmon presence, and log retention policies
CVE version matching — BlueKeep, Zerologon, PrintNightmare, EternalBlue, PetitPotam, and other critical Windows vulnerabilities
IIS web server hardening — directory browsing, TLS configuration, application pool identity, WebDAV exposure, and request filtering
NTLM relay attack surface — SMB/LDAP signing enforcement, Extended Protection for Authentication, and coercion vectors (PetitPotam, PrinterBug, WebClient)
Active Directory Certificate Services misconfigurations — ESC1 through ESC8 attack vectors, template permissions, web enrollment exposure, and manager approval bypass
Update infrastructure poisoning — WSUS HTTP downgrade, SCCM Network Access Account credential extraction, client push abuse, and update signing validation
Deep Print Spooler attack surface audit — Point-and-Print driver restrictions, remote RPC endpoint exposure, PrintNightmare mitigations, and NTLM relay chain correlation scoring
Windows Defender posture — real-time protection, tamper protection, ASR rules, Controlled Folder Access, SmartScreen, signature age, and exclusion hygiene
Ransomware resilience scoring — BitLocker encryption, Volume Shadow Copies, backup detection, admin share exposure, RDP/NLA, LLMNR/NetBIOS, and PowerShell policy
Phishing surface assessment — Office macro policy, Protected View, Mark of the Web, browser versions, Windows Script Host, HTA associations, and Edge SmartScreen