S4E:Equality - Free Vulnerability Scanners

Online pentest tools to scan websites and applications for vulnerabilities, for free.

We have ~266 tools and adding new each day

Tool Name Desc Asset Verify API
Telerik File Upload Detection Scanner Attackers can exploit your web application if your Telerik framework File Upload page is accessible to everyone. No Yes
Telerik Dialog Handler Detection Scanner If you are affected by CVE-2017-9248 vulnerability, attackers can exploit your web application. No Yes
Misconfigured Redis Scanner Misconfigured redis applications can cause many private data to be leaked by attackers. No Yes
Misconfigured Kibana/Elasticsearch Scanner Misconfigured kibana/elasticsearch applications can cause many private data to be leaked by attackers. No Yes
Config File Scanner Critical information can be compromised if config files are accessed by anyone. No Yes
API Endpoint Scanner API endpoints that do not have an authentication mechanism can cause many private data to be leaked by attackers. No Yes
EpiServer Open Redirect vulnerability CVE-2020-24550 Scanner There is an open redirect vulnerability in EpiServer. Yes Yes
Unauthenticated File upload wpDiscuz WordPress plugin RCE CVE-2020-24186 Scanner WordPress wpDiscuz plugin allows unauthenticated arbitrary file upload vulnerability. Yes Yes
Aryanic HighMail (High CMS) XSS CVE-2020-23517 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
b2evolution CMS Open redirect vulnerability CVE-2020-22840 Scanner There is an open redirect vulnerability in b2evolution Content Management System. Yes Yes
Inspur ClusterEngine V4.0 RCE CVE-2020-21224 Scanner There is a remote code execution vulnerability in Inspur ClusterEngine V4.0. Yes Yes
vBulletin Pre-Auth RCE CVE-2020-17496 Scanner There is a pre-auth remote code execution vulnerability in vBulletin. Yes Yes
Cisco 7937G Denial-of-Service Reboot Attack CVE-2020-16139 Scanner Cisco 7937G allows Denial-of-Service Reboot Attack vulnerability. Yes Yes
TileServer GL Reflected XSS CVE-2020-15500 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
Oracle WebLogic Server Administration Console Handle RCE CVE-2020-14883 Scanner There is a remote code execution vulnerability in Oracle WebLogic Server Administration Console Handle. Yes Yes

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service