Application Security

Checks if Laravel Ignition error page is exposed in production.

Checks if Laravel Telescope debugging tool is exposed in production.

Checks if Laravel debug mode is enabled in production.

Verifies CSRF token implementation on forms and APIs.

Tests file upload endpoints for security vulnerabilities.

Validates session security settings and configuration.

Scans web servers for dangerous files, outdated software, and misconfigurations using Nikto. Requires domain verification.

Automated SQL injection detection and testing using SQLMap. Requires domain verification.

Identifies web technologies, frameworks, and their versions for vulnerability assessment using WhatWeb.

Scans WordPress sites for vulnerable plugins, themes, and core version issues using WPScan.

Scans web applications for XSS, XXE, SSRF, and other OWASP vulnerabilities using Wapiti. Requires domain verification.