S4E:Equality - Free Vulnerability Scanners

Online pentest tools to scan websites and applications for vulnerabilities, for free.

We have ~277 tools and adding new each day

Tool Name Desc Asset Verify API
Web Application Firewall (WAF) Detection Scanner In order to bypass the WAF, it is important to determine the WAF used in the system first. No Yes
Apache ZooKeeper Unauth Server Scanner Misconfigured Apache ZooKeeper server can cause many private data to be leaked by attackers. Yes Yes
Publicly Accessible Phpmyadmin Setup Scanner Its possible for an attacker to configure the servers without information of the application administrator. Yes Yes
Online Apache Server Status Disclosure Scanner It is possible to obtain an overview of the remote Apache web server's activity and performance by requesting the URL '/server-status'. No Yes
Domain Whois Lookup Tool Simple and fast Domain Whois lookup tool. Yes Yes
IP Whois Lookup Tool Simple and fast IP Whois lookup tool. Yes Yes
Elmah.axd File Scanner If ELMAH is not properly configured elmah.axd file can allows attackers to gain information about the application. No Yes
Online Trace.axd File Scanner ASP.NET's includes a powerful mechanism for detailed request tracing called Trace.axd and it can also be used by attackers to gain information about requests and responses to the application. No Yes
Online Private Key Scanner If access permission to the private key file is configured incorrectly, anybody who steals the key can log into everything you have access to. No Yes
Online Robots.txt File Scanner Robots.txt file can expose something sensitive such as the path of an administration panel. No Yes
Online Security.txt File Scanner Security.txt file can expose hidden directories and files. No Yes
Telerik File Upload Detection Scanner Attackers can exploit your web application if your Telerik framework File Upload page is accessible to everyone. No Yes
Telerik Dialog Handler Detection Scanner If you are affected by CVE-2017-9248 vulnerability, attackers can exploit your web application. No Yes
Misconfigured Redis Scanner Misconfigured redis applications can cause many private data to be leaked by attackers. Yes Yes
Misconfigured Kibana/Elasticsearch Scanner Misconfigured kibana/elasticsearch applications can cause many private data to be leaked by attackers. Yes Yes

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service