Hey, did you know that to run security checks on your server and web application you don't need any tools installed locally?
Yes, right! You can do such checks using only online services. Today there are lots of such services available to check your server for the most popular types of vulnerabilities, run password brute-force attacks, check a web application for possible SQL injection and XSS vulnerabilities, and find other security misconfigurations.
Quick Online Security Assessment
Let's take a look at some of these services, which will help us evaluate server or application security. In the next article we'll do a kind of penetration test / vulnerability assessment with these apps; for now we'll just introduce some of them.
First of all, we need to pick a target. As an example, let's take a domain name and find out its IP address. Here we took The Guardian news website and checked it with the www.site24x7.com service to get the IP:
Good, in the next step we need to know what other websites are hosted on this server and also try to get information about open ports and running services. The HackerTarget online service will help us with this task:
The API reverse lookup service api.hackertarget.com/reverseiplookup shows us several more applications running on this server:
Good, now we have several more targets to check, but as this is not actually a pentest, we move forward and just run a quick port scan as a final step. Below you can see the online nmap port scanner results from the HackerTarget.com service:
So with 3 online services we have gathered information such as:
- IP address
- Reverse IP lookup
- Port scanning for open TCP ports
And all we needed was… a web browser? Seems cool; you can run these checks even from your mobile phone or tablet.
List of some useful online security services
Let's move forward and see some more helpful services to check our server and application for SSL errors, whether headers are configured properly, whether any malware was detected on the website, and some others.
Here we are checking our server's SSL configuration with the help of the Qualys online scanner called "SSL Labs":
Heh, everything seems fine and legit, good, we configured our server properly. Moving forward, now let's check how Bank of America configured the headers on their website, as they must be really secure because they hold lots of sensitive data and this is also their official website (the face of the company). Here comes a service called "SecurityHeaders.io", see the screenshot below:
Actually I expected more positive results, as "D" is really bad for such an organization, but we are not doing a pentest or assessment here, so let that be on their conscience.
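To see what a service like SecurityHeaders.io is looking at, here is a small header checker written for this post as an added example (it is not code from the original post or from SecurityHeaders.io). The header list, the HSTS age threshold and the letter-grade scale are my own simplified assumptions, not the scale that service actually uses, and the sample response is constructed rather than captured from any real site.

```python
import re
import urllib.request

# Headers a hardened site is expected to send (assumed list for this example).
EXPECTED = [
    "strict-transport-security",  # HSTS: force HTTPS on later visits
    "content-security-policy",    # restrict script/style/frame sources
    "x-frame-options",            # clickjacking protection
    "x-content-type-options",     # stop MIME sniffing
    "referrer-policy",            # limit referrer leakage
    "permissions-policy",         # restrict browser features
]
MIN_HSTS_AGE = 15552000  # six months in seconds (assumed threshold)

def check_headers(headers):
    """Return (missing, weak): header names absent, and present but weakly set."""
    lower = {k.lower(): v for k, v in headers.items()}
    missing = [name for name in EXPECTED if name not in lower]
    weak = []
    hsts = lower.get("strict-transport-security")
    if hsts is not None:
        m = re.search(r"max-age=(\d+)", hsts)
        # A short or absent max-age gives little HSTS protection
        if m is None or int(m.group(1)) < MIN_HSTS_AGE:
            weak.append("strict-transport-security")
    csp = lower.get("content-security-policy")
    if csp is not None and "'unsafe-inline'" in csp:
        # unsafe-inline undoes most of the XSS protection CSP offers
        weak.append("content-security-policy")
    return missing, weak

def grade(headers):
    """Map the check result to a letter grade (assumed scale, not SecurityHeaders.io's)."""
    missing, weak = check_headers(headers)
    score = len(EXPECTED) - len(missing) - len(weak)
    return {6: "A", 5: "B", 4: "C", 3: "D"}.get(score, "F")

def fetch_headers(url):
    """Fetch live response headers (needs network; not used by the offline sample)."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        return dict(resp.headers.items())

# Constructed sample response, not captured from any real site.
SAMPLE = {
    "Content-Type": "text/html",
    "Server": "nginx",
    "Strict-Transport-Security": "max-age=300",
    "X-Content-Type-Options": "nosniff",
}
```

Run `grade(SAMPLE)` to score the constructed response, or `grade(fetch_headers("https://your-own-site.example"))` against a server you administer.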
Next point: let's check the online magazine BleepingComputer.com for possible malware on their website with the help of the VirusTotal online malware analysis service:
Great, as you can see in the screenshot above, no malware was detected and the community score is very high, which means a lot of trust for this portal. With the help of the VirusTotal service you can detect malware on your website as well, and for example find the IP/DNS history for a specific domain name, run reverse lookup checks and do many more interesting things. They also have an API, which can help automate some processes and is used by some popular tools as well, like the "Aquatone" OSINT tool and dnsrecon from Kali Linux.
Now we are going to analyze the "Bloomberg.com" website with the online scanning service from the Sucuri company:
Sucuri told us that no malware was detected on this website/URL; it also tried to identify the website's CMS type and version, the type of web server used (detected successfully: nginx) and ran some more checks (external URLs, JS files etc.). As a result, we see a secure website.
In conclusion I want to note that penetration testers and security engineers of course can't be replaced with such services, because the services are mostly written by such people or by security-oriented companies, but if you need to get some publicly available information about your website or server, you can try any of these services.
After you get some information on your app's security level, it will be easier to decide whether you need penetration testing services.