Siwecos-Scanner/EN

Siwecos Website Scanners

TLS Scanner

The TLS-Scanner allows you to check the encryption protocol (TLS) of your Servers for security flaws. If you are using an outdated encryption version, or if you rely on outdated algorithms (cryptographic primitive), this will be detected by our scanner. Furthermore, the TLS scanner can recognize problems concerning the current Zertikat and to alert you to weak key lengths and expired certificates, which could allow an attacker to decrypt your communication with your customers. The TLS scanner can also test your current TLS-Implementierung for known vulnerabilites such as man-in-the-middle attacks (Insecure Renegotiation), Poodle or Heartbleed.

General:

• HTTPS-NO-RESPONSE
  
• HTTPS-NOT-SUPPORTED

Zertifikate:

• CERTIFICATE-EXPIRED
  
• CERTIFICATE-NOT-SENT-BY-SERVER
  
• CERTIFICATE-NOT-VALID-YET
  
• CERTIFICATE-WEAK-HASH-FUNCTION

Verschlüsselung:

• CIPHERSUITE-ANON
  
• CIPHERSUITE-EXPORT
  
• CIPHERSUITE-NULL
  
• CIPHERSUITE-RC4
  
• CIPHERSUITE-DES
  
• CIPHERSUITEORDER-ENFORCED

Protokolle:

• PROTOCOLVERSION-SSL2
  
• PROTOCOLVERSION-SSL3
  
• PROTOCOLVERSION-TLS13
  

Angriffe:

• BLEICHENBACHER-VULNERABLE
  
• CRIME-VULNERABLE
  
• HEARTBLEED-VULNERABLE
  
• INVALID-CURVE-EPHEMERAL-VULNER ABLE
  
• INVALID-CURVE-VULNERABLE
  
• PADDING-ORACLE-VULNERABLE
  
• POODLE-VULNERABLE
  
• TLS-POODLE-VULNERABLE
  
• SWEET32-VULNERABLE
  

XSS Scanner

The XSS-Scanner can recognize typical attempts to exploit security flaws (Cross-Site Scripting) in your web application. This includes recognition of DOM basierten Schwachstellen, which could allow an attacker, for example, to execute malicious code in Javascript in the context of your web application.

• SINKS
  
• SOURCES

HTTP Security Header Scanner

Unnoticed by the user, the header (HTTP header Protocol) of a webpage is communicated between the client and the server every time the web page is called up and responds. The header influences browser behavior on the client side. For the most part, these are handled independently from the called web application and are defined in the webserver configuration. The HTTP-Security-Header-Scanner allow you to check the header (HTTP-Header) of your web application for insecure configuration settings. The scanner(Crawler) checks the information in the HTTP header of your web page and gives you a report about the detected vulnerabilities which could allow an attacker to launch attacks using a forged caller IP address (Spoofing).

• CONTENT-SECURITY-POLICY
  
• CONTENT-TYPE
  
• PUBLIC-KEY-PINS
  
• STRIKT-TRANSPORT-SECURITY
  
• X-CONTENT-TYPE-OPTIONS
  
• X-FRAME-OPTIONS
  
• X-XSS-PROTECTION

Information Leakage Scanner

The Information-Leakage-Scanner searches your web applications and gives you a report about unintentionally detailed information on how the application is built, or about the software version that is used, or other information which should not be revealed publicly. These leaks should be fixed as quickly as possible.

• CMS
  
• EMAIL
  
• JAVASCRIPT
  
• PLUGIN
  
• TELEFONNUMMER

Initiative-S Scanner

This scanner by Initiative-S checks the domain against known blacklists (Blacklists) for Phishing, Malware and Spam.

• PHISHING-INHALTE
  
• SPAM-INHALTE
  
• MALWARE-INHALTE