Online scanner for security holes

Please test responsibly. All tests details are logged. Do not test against websites that you do not have permission to test against. All data is archived in case of abuse.

About

A small security scanner that can do follow things:
  • Check #1 - Test DNS for AXFR queries
  • Check #2 - Test DNS for amplification attacks
  • Check #3 - Sensetive files
  • Check #4 - Checking security HTTP headers
  • Check #5 - Test SSL for cve-2014-0160 (heartbleed)
  • Check #6 - Checking memcache daemon
  • Check #7 - Checking MongoDB daemon
  • Check #8 - Checking Redis daemon
  • Check #9 - Check FTP for anonymous login
  • Check #10 - Gathering info via search engines
  • Check #11 - Check XSS via request URI
  • Check #12 - Check for reverse proxy
  • Check #13 - Check XSS via HOST header (IE only 5-10)

If you have any feedback (or want to remove scan results from public - only for domain owners) - please send email to sergeybelove at gmail dot com.