INFORMATION SECURITY PORTAL
SOFTWARE TOOLS- ONLINE SCAN TOOLS
Below is links to free online tools for e.g. scan websites for vulnerabilities. The tools have been tested but you have to make your own decision before you use them (use them at your own discreation).
Using the tools will help you find weaknesses and guide you what you need to focus on. The tools will however not replace a structured way of working and the need for testing. Tools complement and does not replace e.g. code review and manual testing.
SUCURI is one of the most popular free website malware and security scanner. You can do a quick test for malware, blacklisting status, injected SPAM, and defacements.
SSL Server Test by Qualys is essential to scan your website for SSL/TLS misconfiguration and vulnerabilities. It provides an in-depth analysis of your https:// URL including expiry day, overall rating, cipher, SSL/TLS version, handshake simulation, protocol details, BEAST, and much more.
Quttera check website for malware and vulnerabilities exploits.
SiteGuarding helps you to scan your domain for malware, website blacklisting, injected spam, defacement, and much more. The scanner is compatible with WordPress, Joomla, Drupal, Magento, osCommerce, Bulletin, and another platform.
Observatory helps a site owner to check various security elements. It validates against OWASP header security, TLS best practices and performs third-party tests from SSL Labs, High-Tech Bridge, Security Headers, HSTS Preload, etc.
Web Cookies Scanner is a free all-in-one security tool suitable for scanning web applications. It is capable of searching vulnerabilities and privacy issues on HTTP cookies, Flash applets, HTML5 localStorage, and sessionStorage, Supercookies, and Evercookies. The tool also offers a free URL malware scanner and an HTTP, HTML, and SSL/TLS vulnerability scanner.
The website vulnerability scanner is one of a comprehensive set of tools offered by Pentest-Tools that comprise a solution for information gathering, web application testing, CMS testing, infrastructure testing, and SSL testing. In particular, the website scanner is designed to discover common web application vulnerabilities and server configuration issues.
The company offers a Light version of the tool and you can perform up to 2 free scans of your website.