S4E:Equality - Free Vulnerability Scanners

Online pentest tools to scan websites and applications for vulnerabilities, for free.

We have ~1224 tools and adding new each day

Tool Name Desc Asset Verify API
Wavlink Multiple AP - Unauthenticated RCE CVE-2020-13117 Scanner In Wavlink Multiple AP, there is an Unauthenticated Remote Code Execution vulnerability. Yes Yes
WordPress 'Drag & Drop Multiple File Upload - Contact Form 7' Plugin - Pre-auth RCE CVE-2020-12800 Scanner In WordPress 'Drag & Drop Multiple File Upload - Contact Form 7' Plugin, there is a Pre-auth Remote Code Execution vulnerability. Yes Yes
Catch Breadcrumb < 1.5.7 - Unauthenticated Reflected XSS CVE-2020-12054 Scanner Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload. Yes Yes
PRTG Network Monitor < 20.1.57.1745 - Information Disclosure CVE-2020-11547 Scanner PRTG Network Monitor < 20.1.57.1745 allows Information Disclosure Vulnerability. Yes Yes
SuperWebmailer Remote Code Execution CVE-2020-11546 Scanner In SuperWebmailer, there is a Remote Code Execution vulnerability. Yes Yes
LimeSurvey 4.1.11 - Path Traversal Vulnerability CVE-2020-11455 Scanner There is a path traversal vulnerability in LimeSurvey 4.1.11, which allow remote attackers to read arbitrary files. Yes Yes
Keycloak 12.0.1 - 'request_uri ' Unauthenticated Blind Server-Side Request Forgery SSRF CVE-2020-10770 Scanner There is a server side request forgery (SSRF) vulnerability in Keycloak 12.0.1. Yes Yes
Request Based External Service Interaction Checker Check your page prequests for Out Of Band Interaction with our tool. Yes Yes
Parameter Based External Service Interaction Checker Check your page parameters for Out Of Band Interaction with our tool. Yes Yes
Header Based External Service Interaction Checker Check your webserver's HTTP Headers for Out Of Band Interaction with our tool. Yes Yes
Generic Windows Based Local File Inclusion - LFI Vulnerability Fuzz & Scanner Searches for /windows/win.ini file on passed URLs. Yes Yes
Generic Blind XXE Injection Vulnerability Scanner Yes Yes
Online Web Cache Poisoning Vulnerability Scanner The vulnerability allows attackers to inject malicious data into the cache of a vulnerable server, which could then be served to other users. Yes Yes
Lantronix PremierWave 2050 - Remote Code Execution CVE-2021-21881 Scanner In Lantronix PremierWave 2050, there is a Remote Code Execution vulnerability. Yes Yes
Guppy Wordpress extension Sensitive Information Disclosure CVE-2021-24997 Scanner Guppy Wordpress extension allows Sensitive Information Disclosure Vulnerability. Yes Yes

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service