Our scans are easy, continuous and holistic. Our customers do not have to select, execute and interpret highly technical security tools and their outputs. We distill the essence of relevant information regarding your security and provide it in a well-readable form.
Detection of your infrastructure
For detecting your subdomains and externally reachable infrastructure we use the following techniques:
- Public DNS information
- Certificate Transparency Logs
- Passive DNS
- DNS Zone Transfer
- Brute Force
How we detect risks in your systems
- We conduct port scans and service detection using masscan and Nmap Security Scanner and report risky services.
- We try to get access to your systems via common or default passwords for various services, such as SSH, Telnet, FTP, SQL, etc using custom password lists.
- Further vulnerabilities in your network infrastructure are detected by network vulnerability scanners and modules.
- Your web server security is checked by our web server scanning modules.
- We search for critical or unwanted files on your web server.
- A custom fingerprinting tool detects outdated content management systems (CMS) on your web servers such as Wordpress, Typo3, Drupal, Joomla, PHPMyAdmin and many more.
- We check DNS security setting for your domains.
- We assess the security of your SSL configuration.
- We monitor and acquire public data leaks to detect the leakage of your credentials.
- We check whether your DNS provider protects you from unwanted DNS zone transfers.
- We check if your IP addresses or domains show up on major blocklists.
Besides custom in house scanning software, we use some open-source tools and heavily rely on publicly available resources and information. Our scanning engine and plugin repository is under heavy development and continuously extended.
