v2sc_web_vulnerability_scanning

Web Vulnerability Scanning

Most companies or organizations have their own web pages that are served as the first gate to the outside world, how can we insight into the security situation of a web page? The website vulnerability failed to be detected by the information management department of a company may lead to the risk of serious information leakage. The web page vulnerability scanner is a specialized vulnerability scanning tool that can enhance web page security for customers by detecting and fixing the webpage vulnerability.

Service

Service benefits

It can detect and fix the web page vulnerability so as to prevent hacker attack.
The expert’s reports and opinion analysis provided by the software can be taken as the basis of formulation of security policy by customers.

Service scope

Confirm The Scope Of Work

Process Flow

Test item details

Detection Function

Web application security scanning, such as vulnerabilities in SQL injection, cross site scripting, etc. CGI program access permission check (GET, PUT, DELETE, etc.); web page code detection and analysis for PHP, JSP, ASP, etc. Please refer to the international standard OSSTMM 3.0 (Open- Source Security Testing Methodology Manual).

Testing Method

Conduct remote scanning and test, including web page replacement, jump server (host), theft of confidential information, personal information leakage, brute force attack, trojan horse attack, XSS attack, check the architecture of the target websites and URLs with potential security risks, and conduct comprehensive check of web pages and path records.