We understand that it can be very difficult to find a managed IT services and support company that covers Apple support, Windows support and Linux support. We use Microsoft Windows, Apple Mac OSX and various Linux distributions on our own network....

Scanyoursecurity uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing....

Your security team logs many events, more and more of them all the time. Unfortunately, they don't make much use of these logs, except for going back to the oldest days when trying to understand something long after it happened. Firewall logs show threats and traffic behaviour on the network....

Scanyoursecurity Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. Firewalls and Routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security....

SCANYOURSECURITY work

Scanyoursecurity is a consultancy responsible for protecting businesses from cyber threats, cyber-attacks, internal threats and business outages. Our technical experts have years of experience in recommending, specifying and implementing IT Security Solutions.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools. Before the report is issued, the results are completed with false-positive elimination.

Penetration testing identifies the points where a threat (defined by the hacker) can combine with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimization before they are exploited by malicious hackers.

Latest EXPLOITS

Up to Date

  • [webapps] Online Discussion Forum Site 1.0 - Remote Code Execution
  • [webapps] Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting
  • [local] GoldWave - Buffer Overflow (SEH Unicode)
  • [webapps] Wordpress Plugin Form Maker 5.4.1 - 's' SQL Injection (Authenticated)
  • [remote] WebLogic Server - Deserialization RCE - BadAttributeValueExpException (Metasploit)
  • [local] VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP,ASLR)
  • [webapps] Gym Management System 1.0 - Unauthenticated Remote Code Execution
  • [local] Druva inSync Windows Client 6.6.3 - Local Privilege Escalation
  • [webapps] Dolibarr 11.0.3 - Persistent Cross-Site Scripting
  • [dos] Filetto 1.0 - 'FEAT' Denial of Service (PoC)
  • [dos] Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service (PoC)
  • [dos] Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service (PoC)
  • [webapps] OpenEDX platform Ironwood 2.5 - Remote Code Execution
  • [local] CloudMe 1.11.2 - Buffer Overflow (SEH,DEP,ASLR)
  • [webapps] PHPFusion 9.03.50 - Persistent Cross-Site Scripting
  • [webapps] Composr CMS 10.0.30 - Persistent Cross-Site Scripting
  • [webapps] forma.lms 5.6.40 - Cross-Site Request Forgery (Change Admin Email)
  • [dos] AbsoluteTelnet 11.21 - 'Username' Denial of Service (PoC)
  • [webapps] CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution
  • [remote] Pi-Hole - heisenbergCompensator Blocklist OS Command Execution (Metasploit)
  • [webapps] Victor CMS 1.0 - Authenticated Arbitrary File Upload
  • [webapps] NukeViet VMS 4.4.00 - Cross-Site Request Forgery (Change Admin Password)
  • [webapps] Submitty 20.04.01 - Persistent Cross-Site Scripting
  • [webapps] php-fusion 9.03.50 - 'ctype' SQL Injection
  • [webapps] qdPM 9.1 - 'cfg[app_app_name]' Persistent Cross-Site Scripting
  • [webapps] Victor CMS 1.0 - 'cat_id' SQL Injection
  • [webapps] Victor CMS 1.0 - 'comment_author' Persistent Cross-Site Scripting
  • [remote] HP LinuxKI 6.01 - Remote Command Injection
  • [webapps] Online Healthcare management system 1.0 - Authentication Bypass
  • [webapps] Online Healthcare Patient Record Management System 1.0 - Authentication Bypass
  • [webapps] online Chatting System 1.0 - 'id' SQL Injection
  • [webapps] Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload
  • [webapps] forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting
  • [webapps] Oracle Hospitality RES 3700 5.7 - Remote Code Execution
  • [webapps] Online Examination System 1.0 - 'eid' SQL Injection
  • [webapps] Wordpress Plugin Ajax Load More 5.3.1 - '#1' Authenticated SQL Injection
  • [webapps] Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection
  • [webapps] ManageEngine Service Desk 10.0 - Cross-Site Scripting
  • [webapps] vBulletin 5.6.1 - 'nodeId' SQL Injection
  • [webapps] E-Commerce System 1.0 - Unauthenticated Remote Code Execution
  • [webapps] Netlink XPON 1GE WiFi V2801RGW - Remote Command Execution
  • [local] Dameware Remote Support 12.1.1.273 - Buffer Overflow (SEH)
  • [webapps] Complaint Management System 1.0 - 'username' SQL Injection
  • [webapps] Sellacious eCommerce 4.6 - Persistent Cross-Site Scripting
  • [webapps] Tryton 5.4 - Persistent Cross-Site Scripting
  • [local] Remote Desktop Audit 2.3.0.157 - Buffer Overflow (SEH)
  • [local] MacOS 320.whatis Script - Privilege Escalation
  • [webapps] TylerTech Eagle 2018.3.11 - Remote Code Execution
  • [local] LanSend 3.2 - Buffer Overflow (SEH)
  • [webapps] qdPM 9.1 - Arbitrary File Upload