Security Scanner for Drupal installations to quickly identify potential security issues, server reputation and other aspects of the web server.
Drupal is one of the worlds leading content management system. It is used on a large number of high profile sites. It is known for its security and being extensible. Perform a simple Drupal security test by filling out the following form. Our system will test your website in a non-intrusive manner and display any discovered vulnerabilities or configuration errors.
Perform an immediate Free Drupal Scan with a low impact test .
Check any Drupal based site and get a high level overview of the sites security posture. Once you see how easy it is grab a membership and test Drupal with Droopescan, Nikto, OpenVAS and more.
Attempt to detect version of Drupal Core
Find Plugins in HTML response
Identify theme in use
List client side JS in page
List iframes in page
Test for directory indexing enabled on key locations
Check Google Safe Browse for reputation
Get IP information and Geolocation
Aggressive enumeration of plugins, themes, version and interesting urls.
About the Drupal Security Scan
This scan will test a Drupal installation for common security issues, mis-configurations as well as performing a web reputation analysis of sites that are being linked and sites that are hosted on the same IP address. The Free scan is a passive scan in that all the information gathered is from performing regular web requests against the specified site.
The more aggressive second option uses the excellent droopescan to brute force theme and module/plugin paths in an attempt to discover the sites attack surface. With information about the installed extras known vulnerabilities can be exploited or further security testing can be more targeted.