Security Scanner for Drupal installations to quickly identify potential security issues, server reputation and other aspects of the web server.
Drupal is one of the worlds leading content management system. It is used on a large number of high profile sites. It is known for its security and being extensible. Perform a simple Drupal security test by filling out the following form. Our system will test your website in a non-intrusive manner and display any discovered vulnerabilities or configuration errors.
Perform an immediate Free Drupal Scan with a low impact test .
Check any Drupal based site and get a high level overview of the sites security posture. Once you see how easy it is grab a membership and test Drupal with Droopescan, Nikto, OpenVAS and more.
Attempt to detect version of Drupal Core
Find Plugins in HTML response
Identify theme in use
List client side JS in page
List iframes in page
Test for directory indexing enabled on key locations
Check Google Safe Browse for reputation
Get IP information and Geolocation
Aggressive enumeration of plugins, themes, version and interesting urls.
About Drupal Security Testing
The more aggressive second option uses the excellent droopescan to brute force theme and module/plugin paths in an attempt to discover the sites attack surface. With information about the installed extras known vulnerabilities can be exploited or further security testing can be more targeted.
Our range of online web security testing for Drupal and other web platforms has you covered for a variety of use cases.
Our second form of scanning involves using active security testing tools (OpenVAS, Nikto, Droopescan are examples) that send hundreds of requests against the target site to enumerate and find security issues (vulnerabilities) that are not immediately apparent from passive analysis.
Comparing the Options
Members get access to the full suite of security tools. It's a go bag for security testing.
Free Drupal Security Check
- Drupal Version Check
- Threat Intelligence (Blacklist) Checks
- Directory Indexing on common locations
- Sites Externally linked from main page (threat intel check of host)
- List Components and Modules detected through passive HTML analysis
- Server, Hosting and Geo-location Information
Check out the additional benefits that come with a Hacker Target Membership.
Additional Benefits (with Membership)
- Use Droopescan for active security testing
- Use OpenVAS to test Drupal & Web Server vulnerabilities.
- Use Nikto to test website scripts and web framework
- Passively survey sites in bulk for web technologies and other details
- Monitor server for port and vulnerability changes (scheduled Nmap & OpenVAS)
- With Membership you have full access to all security testing tools including port scanner, web server testing and system vulnerability scanner.
7 day money back guarantee
About the Droopescan Project
Droopescan is an open source project developed in
python. One of the things we love about open source security solutions is that you can not only run the tool and get results; but also dig into the code and understand what is being tested and why it is being tested. Knowledge is the ultimate cyber weapon.
To run the tool locally for yourself grab the latest version from github. Another option is to use the popular Kali Linux distribution that includes