
Hey HN!

I've released an updated version of EasyScan, a lightweight website vulnerability scanner written in Python.

EasyScan analyzes the security of a website by inspecting its HTTP headers and DNS records, generating a comprehensive security report with recommendations for addressing potential vulnerabilities.

A complete security audit still requires manual testing and logical thinking; this script is meant for finding out basic server configuration and DNS issues.

Some of the key test cases covered by EasyScan include:

- Same Site Scripting
- SPF and DMARC records
- Public Admin Page
- Directory Listing
- Missing security headers
- Insecure cookie settings
- Information disclosure
- CORS misconfigurations
- Content-Type sniffing
- Cache control

The script is easy to set up and use, requiring Python 3.6 or higher, along with a few dependencies (`requests`, `beautifulsoup4`, and `dnspython`). The generated report provides a quick overview of your website's security posture, helping you identify any issues that might need your attention.

Please note that EasyScan is not a substitute for a thorough security assessment, but it can be a great starting point for identifying potential vulnerabilities in your website.

Check out the project on GitHub: https://github.com/introvertmac/EasyScan

I'd love to hear your feedback and suggestions for improvement.

If you have any questions or need assistance, feel free to reach out on Twitter https://twitter.com/introvertmac.
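
Several of the checks listed in the post (missing security headers, cookie flags, CORS, version disclosure, SPF and DMARC) can be expressed as offline rules over data that has already been captured. The sketch below is an added example, not EasyScan's code or part of the original post; the function names, the required-header baseline, the finding labels and the sample data are assumptions constructed for illustration.

```python
import re
# Baseline for an HTTPS response; this list is the example's assumption.
REQUIRED = ("strict-transport-security", "content-security-policy",
            "x-content-type-options", "x-frame-options", "referrer-policy")

def audit_headers(headers):
    """headers: list of (name, value) pairs so repeated Set-Cookie lines survive."""
    seen, findings = {}, []
    for name, value in headers:
        seen.setdefault(name.lower(), []).append(value.strip())
    findings += [f"missing:{h}" for h in REQUIRED if h not in seen]
    if any(v.lower() != "nosniff" for v in seen.get("x-content-type-options", [])):
        findings.append("invalid:x-content-type-options")
    if "x-powered-by" in seen or any(re.search(r"\d", v) for v in seen.get("server", [])):
        findings.append("disclosure:server-version")
    if "*" in seen.get("access-control-allow-origin", []):
        findings.append("cors:wildcard-origin")  # fine for public data, review otherwise
    for raw in seen.get("set-cookie", []):
        parts = [p.strip() for p in raw.split(";")]
        cookie = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:] if p}
        findings += [f"cookie:{cookie}:no-{a}"
                     for a in ("secure", "httponly", "samesite") if a not in attrs]
    return findings

def audit_mail_txt(apex_txt, dmarc_txt):  # TXT strings for the domain and its _dmarc name
    findings = []
    spf = [t for t in apex_txt if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        findings.append("spf:missing" if not spf else "spf:multiple-records")
    elif re.search(r"(^|\s)\+?all$", spf[0].lower()):
        findings.append("spf:pass-all")  # "+all" or bare "all" authorizes every sender
    dmarc = [t for t in dmarc_txt if t.lower().startswith("v=dmarc1")]
    if not dmarc:
        findings.append("dmarc:missing")
    elif re.search(r"\bp\s*=\s*none\b", dmarc[0].lower()):
        findings.append("dmarc:policy-none")  # monitoring only, no enforcement
    return findings

# Constructed sample data, not taken from any real site.
SAMPLE_HEADERS = [
    ("Server", "nginx/1.18.0"),
    ("X-Content-Type-Options", "nosniff"),
    ("Access-Control-Allow-Origin", "*"),
    ("Set-Cookie", "sid=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "theme=dark; Secure; HttpOnly; SameSite=Lax"),
]
SAMPLE_APEX_TXT = ["v=spf1 include:_spf.example.net ~all"]
SAMPLE_DMARC_TXT = ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"]
```

Passing headers as a list of pairs rather than a dict matters here: collapsing repeated `Set-Cookie` lines into one value would hide the per-cookie flags.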


