We understand that it can be very difficult to find a managed IT services and support company that covers Apple support, Windows support and Linux support. We use Microsoft Windows, Apple Mac OS X and various Linux distributions on our own network....

Scanyoursecurity uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing....

Your security team logs many events, and more and more of them all the time. Unfortunately, they don't make much use of these logs, except for the oldest ones when trying to understand something long after it happened. Firewall logs show threats and traffic behaviour on the network....

Scanyoursecurity Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. Firewalls and Routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security....

SCANYOURSECURITY work

Scanyoursecurity is a consultancy responsible for protecting businesses from cyber threats, cyber-attacks, internal threats and business outages. Our technical experts have years of experience in recommending, specifying and implementing IT Security Solutions.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools. Before the report is issued, the results are completed with false-positive elimination.

Penetration testing identifies the points where a threat (defined by the hacker) can be combined with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimization before they are exploited by malicious hackers.

Latest EXPLOITS

Up to Date

  • [remote] Belkin Wemo UPnP - Remote Code Execution (Metasploit)
  • [dos] MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
  • [dos] Android Kernel < 4.8 - ptrace seccomp Filter Bypass
  • [dos] FaceTime - Texture Processing Memory Corruption
  • [dos] WinRAR 5.61 - '.lng' Denial of Service
  • [webapps] webERP 4.15 - 'ImportBankTransaction' Blind SQL Injection
  • [dos] FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)
  • [webapps] HotelDruid 2.3 - Cross-Site Scripting
  • [local] Apple macOS 10.13.5 - Local Privilege Escalation
  • [webapps] Jenkins - Remote Code Execution
  • [webapps] Ask Expert Script 3.0.5 - Cross Site Scripting / SQL Injection
  • [webapps] Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting
  • [webapps] XAMPP 5.6.8 - SQL Injection / Persistent Cross-Site Scripting
  • [webapps] eDirectory - SQL Injection
  • [dos] BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)
  • [dos] Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)
  • [webapps] Zuz Music 2.1 - 'zuzconsole/___contact ' Persistent Cross-Site Scripting
  • [webapps] Listing Hub CMS 1.0 - 'pages.php id' SQL Injection
  • [webapps] Find a Place CMS Directory 1.5 - 'assets/external/data_2.php cate' SQL Injection
  • [dos] NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)
  • [local] MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation
  • [papers] The Ultimate Guide For Subdomain Takeover with Practical
  • [webapps] WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing
  • [webapps] Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload
  • [dos] Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process
  • [dos] Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass
  • [dos] Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions
  • [dos] Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour
  • [webapps] Comodo Dome Firewall 2.7.0 - Cross-Site Scripting
  • [webapps] ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting
  • [webapps] Apache CouchDB 2.3.0 - Cross-Site Scripting
  • [webapps] Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload
  • [webapps] M/Monit 3.7.2 - Privilege Escalation
  • [dos] NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)
  • [webapps] CMSsite 1.0 - 'post' SQL Injection
  • [webapps] MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module
  • [webapps] Master IP CAM 01 3.3.4.2103 - Remote Command Execution
  • [webapps] qdPM 9.1 - 'search[keywords]' Cross-Site Scripting
  • [webapps] qdPM 9.1 - 'type' Cross-Site Scripting
  • [shellcode] macOS - execve(/bin/sh) + Null-Free Shellcode (31 bytes)
  • [shellcode] macOS - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes)
  • [shellcode] macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
  • [shellcode] macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes)
  • [shellcode] macOS - Reverse (::1:4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (119 bytes)
  • [remote] mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution
  • [dos] Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)
  • [dos] Realterm Serial Terminal 2.0.0.70 - Denial of Service
  • [webapps] UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload
  • [dos] Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
  • [webapps] qdPM 9.1 - 'search_by_extrafields[]' SQL Injection