We understand that it can be very difficult to find a managed IT services and support company that covers Apple support, Windows support and Linux support. We use Microsoft Windows, Apple Mac OS X and various Linux distributions on our own network....

Scanyoursecurity uses vulnerability scanning tools, both commercial and proprietary, as a part of our application assessment process. Vulnerability scanning is one part of our hybrid approach to application assessment. Combined with code review and security testing....

Your security team logs many events -- more and more of them all the time. Unfortunately, they don't make much use of these logs, except for the oldest days, when trying to understand something long after it happened. Firewall logs show threats and traffic behaviour on the network....

Scanyoursecurity Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. Firewalls and Routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security....

SCANYOURSECURITY work

Scanyoursecurity is a consultancy responsible for protecting businesses from cyber threats, cyber-attacks, internal threats and business outages. Our technical experts have years of experience in recommending, specifying and implementing IT Security Solutions.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools. Before the report is produced, the results are completed with false-positive elimination.

Penetration testing identifies the points where a threat (defined by the hacker) can be combined with existing risks to achieve penetration. Scanyoursecurity helps to prevent penetration by identifying these points and providing effective methods for optimization before they are exploited by malicious hackers.

Latest EXPLOITS

Up to Date

  • [webapps] Infor Storefront B2B 1.0 - 'usr_name' SQL Injection
  • [webapps] Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting
  • [webapps] Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass
  • [webapps] Online Polling System 1.0 - Authentication Bypass
  • [webapps] Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection
  • [webapps] Zyxel Armor X1 WAP6806 - Directory Traversal
  • [webapps] SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)
  • [webapps] Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 - Remote Code Execution (Metasploit)
  • [webapps] BSA Radar 1.6.7234.24750 - Local File Inclusion
  • [webapps] Park Ticketing Management System 1.0 - Authentication Bypass
  • [webapps] Park Ticketing Management System 1.0 - 'viewid' SQL Injection
  • [remote] Aruba ClearPass Policy Manager 6.7.0 - Unauthenticated Remote Command Execution
  • [webapps] Barangay Management System 1.0 - Authentication Bypass
  • [webapps] HelloWeb 2.0 - Arbitrary File Download
  • [webapps] Savsoft Quiz 5 - Persistent Cross-Site Scripting
  • [webapps] Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting
  • [webapps] PHP 7.4 FFI - 'disable_functions' Bypass
  • [webapps] BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)
  • [webapps] SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)
  • [remote] Microsoft Windows mshta.exe 2019 - XML External Entity Injection
  • [webapps] BSA Radar 1.6.7234.24750 - Authenticated Privilege Escalation
  • [webapps] Online Shopping Portal 3.1 - 'email' SQL Injection
  • [webapps] Sickbeard 0.1 - Remote Command Injection
  • [local] Sony Playstation 4 (PS4) < 7.02 / FreeBSD 9 / FreeBSD 12 - 'ip6_setpktopt' Kernel Local Privilege Escalation (PoC)
  • [webapps] BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution (PoC)
  • [webapps] BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution
  • [webapps] Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution
  • [webapps] RSA IG&L Aveksa 7.1.1 - Remote Code Execution
  • [dos] Grafana 7.0.1 - Denial of Service (PoC)
  • [dos] Fire Web Server 0.1 - Remote Denial of Service (PoC)
  • [webapps] RiteCMS 2.2.1 - Authenticated Remote Code Execution
  • [webapps] File Management System 1.1 - Persistent Cross-Site Scripting
  • [webapps] OCS Inventory NG 2.7 - Remote Code Execution
  • [webapps] ZenTao Pro 8.8.2 - Command Injection
  • [webapps] Online Shopping Portal 3.1 - Authentication Bypass
  • [webapps] PHP-Fusion 9.03.60 - PHP Object Injection
  • [webapps] e-learning Php Script 0.1.0 - 'search' SQL Injection
  • [local] RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow (EggHunter) (SEH) (PoC)
  • [webapps] Reside Property Management 3.0 - 'profile' SQL Injection
  • [webapps] Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting
  • [local] KiteService 1.2020.618.0 - Unquoted Service Path
  • [local] Windscribe 1.83 - 'WindscribeService' Unquoted Service Path
  • [webapps] OpenEMR 5.0.1 - 'controller' Remote Code Execution
  • [webapps] FHEM 6.0 - Local File Inclusion
  • [remote] mySCADA myPRO 7 - Hardcoded Credentials
  • [webapps] BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting
  • [local] Lansweeper 7.2 - Incorrect Access Control
  • [dos] Code Blocks 20.03 - Denial Of Service (PoC)
  • [webapps] Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student)