We understand that it can be very difficult to find managed IT services and support company that covers Apple support, Windows support and Linux support.We use Microsoft Windows, Apple Mac OSX and Various Linux distributions on our own network....

Scanyoursecurity uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing....

Your security team log many events -- more and more of them all the time. Unfortunately, they don't make much use of these logs except the oldest days when trying to understand something long after it happened.Firewall logs provide threats and traffic behaviour on the network....

Scanyoursecurity Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. Firewalls and Routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security....

SCANYOURSECURITY work

Scanyoursecurity is a consultancy responsible for protecting businesses from cyber threats, cyber-attacks, internal threats and business outages. Our technical experts have years of experience in recommending, specifying and implementing IT Security Solutions.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools. Before report, created result would have been completed with False Positive elimination accordingly.

Penetration Testing is to identify the presence of points where a threat (defined by the hacker) can be arranged with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimization before they are exploited by malicious hackers.

Last EXPLOITS

Up to Date

  • [dos] ZOC Terminal 7.25.5 - 'Script' Denial of Service (PoC)
  • [dos] dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service (PoC)
  • [webapps] pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting
  • [local] Microsoft NET USE win10 - Insufficient Authentication Logic
  • [webapps] LimeSurvey 4.1.11 - 'File Manager' Path Traversal
  • [webapps] Bolt CMS 3.7.0 - Authenticated Remote Code Execution
  • [webapps] WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting
  • [webapps] Vesta Control Panel 0.9.8-26 - Authenticated Remote Code Execution (Metasploit)
  • [local] Triologic Media Player 8 - '.m3l' Buffer Overflow (Unicode) (SEH)
  • [dos] ZOC Terminal v7.25.5 - 'Private key file' Denial of Service (PoC)
  • [dos] UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service (PoC)
  • [dos] UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service (PoC)
  • [webapps] LimeSurvey 4.1.11 - 'Survey Groups' Persistent Cross-Site Scripting
  • [dos] UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service (PoC)
  • [dos] Frigate 3.36 - Denial of Service (PoC)
  • [dos] Nsauditor 3.2.0.0 - 'Name' Denial of Service (PoC)
  • [dos] SpotAuditor 5.3.4 - 'Name' Denial of Service (PoC)
  • [dos] Product Key Explorer 4.2.2.0 - 'Key' Denial of Service (PoC)
  • [local] Memu Play 7.1.3 - Insecure Folder Permissions
  • [local] AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow (SEH)
  • [webapps] Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution
  • [local] DiskBoss 7.7.14 - 'Input Directory' Local Buffer Overflow (PoC)
  • [local] 10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH)
  • [dos] DiskBoss 7.7.14 - Denial of Service (PoC)
  • [remote] SharePoint Workflows - XOML Injection (Metasploit)
  • [remote] DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit)
  • [remote] IBM TM1 / Planning Analytics - Unauthenticated Remote Code Execution (Metasploit)
  • [remote] Redis - Replication Code Execution (Metasploit)
  • [webapps] Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection
  • [webapps] Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection
  • [dos] FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC)
  • [remote] Multiple DrayTek Products - Pre-authentication Remote Root Code Execution
  • [local] Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Local Privilege Escalation
  • [webapps] Zen Load Balancer 3.10.1 - Remote Code Execution
  • [local] 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH)(ROP)
  • [webapps] Joomla! com_fabrik 3.9.11 - Directory Traversal
  • [dos] Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service (PoC)
  • [webapps] rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution
  • [webapps] Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal
  • [dos] Everest 5.50.2100 - 'Open File' Denial of Service (PoC)
  • [webapps] ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin)
  • [local] Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow (SEH)
  • [webapps] Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution
  • [webapps] TP-Link Archer C50 3 - Denial of Service (PoC)
  • [local] 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow (SEH)
  • [local] 10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path
  • [webapps] LeptonCMS 4.5.0 - Persistent Cross-Site Scripting
  • [local] AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path
  • [webapps] Joomla! Component GMapFP 3.30 - Arbitrary File Upload
  • [webapps] UCM6202 1.0.18.13 - Remote Command Injection