Next-generation online security audit software

There are a wide variety of scanning software available on the market, which can be summarized as two types

1. Client software (such as WVS, Nessus..., metaspo.pdf ..)

2. B/S mode 

Let's talk about the client. Some development companies are responsible for updating plug-ins. Billing accounts for a large part

In terms of the scanning effect, it is comprehensive. No matter what website, the scanning is complete, and reports like WVS are exported several Mb. I have to say that

It's the boss level, but what about pertinence? Does the Security Situation in China adapt ?, The person who uses the report must be clearer than me.

Work is an artifact. What should you do if you want to develop your own plug-ins? I am one of them.

The services provided by B/S can be said to be in a variety of ways. website monitoring and Trojan warning can be said to be a good choice for webmasters. It does not have much practical effect for professional security enthusiasts, poor customization. Poor controllability, not flexible.

Therefore, a scanning Platform combined with client and B/S was born.

If you are a network security enthusiast, you are crazy coders, are you a webmaster ??, All of them can meet one of your common requirements. The 36      0-degree scan of the website is not a normal scan. You can use the plug-ins shared by others, you can also share your own encoding plug-ins with others. You can comment on the plug-in's performance and Performance Online or give some comments. If you are a webmaster of dozens of sites, you can use your own nodes, you can scan one or more clusters. Let you play. If a website with a high-risk vulnerability is found, you must verify the vulnerability before you can view the vulnerability details. Scan the vulnerability and fix the vulnerability.

If you know a little about programming and want to share some security vulnerabilities, you can use a simple online example to write a scanning plug-in immediately. Someone asks, what can I do when I write this plug-in, will someone else pay me when I use it? If you ask this question, this is not suitable for you. It is only suitable for you. There is a bit of shared spirit in your mind. You once hoped that you would become a hacker, my fellow male, who is currently engaged in the network security industry, can tell me what I can do to the people who provide vulnerabilities. I can only say rank. Your contribution is always recorded on the website.

The above figure below,

Yes, as you can see, you are not scanning with the server we provide, you are building an engine scan by yourself, you just need to install a python 2.7, everything is there, you do not need to download any third-party installation packages. You only need one command, complete memory execution, absolutely green, and most importantly, you can use the scan plug-in that someone else shares unselfishly to address the latest security vulnerabilities, you can learn from others' experiences and view the plug-in code shared by others. Exchange knowledge.

The scanner identifies popular CMS in China

For Injection Vulnerability Detection, whether it is post cookie, get or Referer User-Agent

For the latest security vulnerabilities, the CMS 0-Day is also detected

The following is an instance scan report:

There are always some people who share and talk about the updates and returns here, not just a try. Click to experience:

Http://bugscan.net/

There are a wide variety of scanning software available on the market, which can be summarized as two types

1. Client software (such as WVS, Nessus..., metaspo.pdf ..)

2. B/S mode

Let's talk about the client. Some development companies are responsible for updating plug-ins. Billing accounts for a large part

In terms of the scanning effect, it is comprehensive. No matter what website, the scanning is complete, and reports like WVS are exported several Mb. I have to say that

It's the boss level, but what about pertinence? Does the Security Situation in China adapt ?, The person who uses the report must be clearer than me.

Work is an artifact. What should you do if you want to develop your own plug-ins? I am one of them.

The services provided by B/S can be said to be in a variety of ways. website monitoring and Trojan warning can be said to be a good choice for webmasters. It does not have much practical effect for professional security enthusiasts, poor customization. Poor controllability, not flexible.

Therefore, a scanning Platform combined with client and B/S was born.

If you are a network security enthusiast, you are crazy coders, are you a webmaster ??, All of them can meet one of your common requirements. The 36  0-degree scan of the website is not a normal scan. You can use the plug-ins shared by others, you can also share your own encoding plug-ins with others. You can comment on the plug-in's performance and Performance Online or give some comments. If you are a webmaster of dozens of sites, you can use your own nodes, you can scan one or more clusters. Let you play. If a website with a high-risk vulnerability is found, you must verify the vulnerability before you can view the vulnerability details. Scan the vulnerability and fix the vulnerability.

If you know a little about programming and want to share some security vulnerabilities, you can use a simple online example to write a scanning plug-in immediately. Someone asks, what can I do when I write this plug-in, will someone else pay me when I use it? If you ask this question, this is not suitable for you. It is only suitable for you. There is a bit of shared spirit in your mind. You once hoped that you would become a hacker, my fellow male, who is currently engaged in the network security industry, can tell me what I can do to the people who provide vulnerabilities. I can only say rank. Your contribution is always recorded on the website.

The above figure below,

Yes, as you can see, you are not scanning with the server we provide, you are building an engine scan by yourself, you just need to install a python 2.7, everything is there, you do not need to download any third-party installation packages. You only need one command, complete memory execution, absolutely green, and most importantly, you can use the scan plug-in that someone else shares unselfishly to address the latest security vulnerabilities, you can learn from others' experiences and view the plug-in code shared by others. Exchange knowledge.

The scanner identifies popular CMS in China

For Injection Vulnerability Detection, whether it is post cookie, get or Referer User-Agent

For the latest security vulnerabilities, the CMS 0-Day is also detected

The following is an instance scan report:

There are always some people who share and talk about the updates and returns here, not just a try. Click to experience:

Http://bugscan.net/