We understand that it can be very difficult to find managed IT services and support company that covers Apple support, Windows support and Linux support.We use Microsoft Windows, Apple Mac OSX and Various Linux distributions on our own network....

Scanyoursecurity uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing....

Your security team log many events -- more and more of them all the time. Unfortunately, they don't make much use of these logs except the oldest days when trying to understand something long after it happened.Firewall logs provide threats and traffic behaviour on the network....

Scanyoursecurity Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. Firewalls and Routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security....

SCANYOURSECURITY work

Scanyoursecurity is a consultancy responsible for protecting businesses from cyber threats, cyber-attacks, internal threats and business outages. Our technical experts have years of experience in recommending, specifying and implementing IT Security Solutions.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools. Before report, created result would have been completed with False Positive elimination accordingly.

Penetration Testing is to identify the presence of points where a threat (defined by the hacker) can be arranged with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimization before they are exploited by malicious hackers.

Last EXPLOITS

Up to Date

  • [local] Aida64 6.00.5100 - 'Log to CSV File' Local SEH Buffer Overflow
  • [papers] Active Directory Enumeration with PowerShell
  • [local] CentOS 7.6 - 'ptrace_scope' Privilege Escalation
  • [local] Pronestor Health Monitoring < 8.1.11.0 - Privilege Escalation
  • [webapps] Sitecore 8.x - Deserialization Remote Code Execution
  • [papers] LDAP Swiss Army Knife
  • [webapps] FusionPBX 4.4.3 - Remote Command Execution
  • [remote] Webmin 1.910 - 'Package Updates' Remote Command Execution (Metasploit)
  • [webapps] Liferay Portal 7.1 CE GA=3 / SimpleCaptcha API - Cross-Site Scripting
  • [webapps] phpMyAdmin 4.8 - Cross-Site Request Forgery
  • [webapps] WordPress Plugin Insert or Embed Articulate Content into WordPress - Remote Code Execution
  • [local] ProShow 9.0.3797 - Local Privilege Escalation
  • [shellcode] Linux/x86_64 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (104 bytes)
  • [local] Ubuntu 18.04 - 'lxd' Privilege Escalation
  • [webapps] UliCMS 2019.1 'Spitting Lama' - Persistent Cross-Site Scripting
  • [local] Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3)
  • [shellcode] Linux/x86_64 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)
  • [remote] Exim 4.87 < 4.91 - (Local / Remote) Command Execution
  • [local] Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution
  • [local] Nvidia GeForce Experience Web Helper - Command Injection
  • [webapps] Supra Smart Cloud TV - 'openLiveURL()' Remote File Inclusion
  • [remote] LibreNMS - addhost Command Injection (Metasploit)
  • [remote] IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)
  • [dos] Google Chrome 73.0.3683.103 - 'WasmMemoryObject::Grow' Use-After-Free
  • [webapps] Zimbra < 8.8.11 - XML External Entity Injection / Server-Side Request Forgery
  • [webapps] Zoho ManageEngine ServiceDesk Plus 9.3 - 'PurchaseRequest.do' Cross-Site Scripting
  • [webapps] Zoho ManageEngine ServiceDesk Plus 9.3 - 'SearchN.do' Cross-Site Scripting
  • [webapps] Zoho ManageEngine ServiceDesk Plus 9.3 - 'SolutionSearch.do' Cross-Site Scripting
  • [webapps] Zoho ManageEngine ServiceDesk Plus 9.3 - 'SiteLookup.do' Cross-Site Scripting
  • [local] DVD X Player 5.5 Pro - Local Buffer Overflow (SEH)
  • [remote] Cisco RV130W 1.0.3.44 - Remote Stack Overflow
  • [remote] NUUO NVRMini 2 3.9.1 - 'sscanf' Stack Overflow
  • [webapps] IceWarp 10.4.4 - Local File Inclusion
  • [webapps] WordPress Plugin Form Maker 1.13.3 - SQL Injection
  • [webapps] AUO Solar Data Recorder < 1.3.0 - Incorrect Access Control
  • [webapps] KACE System Management Appliance (SMA) < 9.0.270 - Multiple Vulnerabilities
  • [papers] [Hebrew] Digital Whisper Security Magazine #107
  • [papers] [Hebrew] Digital Whisper Security Magazine #106
  • [papers] [Hebrew] Digital Whisper Security Magazine #105
  • [papers] [Hebrew] Digital Whisper Security Magazine #104
  • [papers] [Hebrew] Digital Whisper Security Magazine #103
  • [papers] [Hebrew] Digital Whisper Security Magazine #102
  • [papers] [Hebrew] Digital Whisper Security Magazine #101
  • [papers] [Hebrew] Digital Whisper Security Magazine #100
  • [papers] Analysis of CVE-2019-0708 (BlueKeep)
  • [dos] Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service
  • [local] Microsoft Windows 8.1/ Server 2012 - 'Win32k.sys' Local Privilege Escalation (MS14-058)
  • [papers] A Debugging Primer with CVE-2019-0708
  • [remote] Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit)
  • [dos] Qualcomm Android - Kernel Use-After-Free via Incorrect set_page_dirty() in KGSL