VTMScan- Protect your Website with ESDS VTMScan - PowerPoint PPT Presentation

ESDS VTMScan keeps your web presence secure 24x7 and hackers at bay. ESDS VTMScan helps you deliver an exuberant security experience to the millions of users using websites and web applications.

Transcript and Presenter's Notes

1
VTMScan
(Malware, Threat, Vulnerability Scanner)
Enterprise Class Security Scanner
https://www.esds.co.in
2
Agenda
3
About Scanning tools
Web application scanner
Performs vulnerability assessment of web applications
It is a SaaS, agentless scanner
OWASP Top 10 Vulnerabilities
Manual Security Audit
Provides report with recommendations
4
VTMScan Flow
User
Banner Grabbing, Port Scanning, SSL Check, WAF Detection, OS Detection
Domain Reputation, Main Domain, External Domain, Reverse IP
Link Crawling
OWASP Audit, SQLi Detection, XSS Detection, Insecure Deserialization, Click Jacking, Security Misconfiguration
Malware Scan, Page Defacement, JS Codes/Functions, JS Obfuscation, Third Party Link check
Content Change Monitoring
Phishing Detection
CMS Detection, WordPress, Joomla, Drupal, vBulletin
Reports
5
  • VTMScan Product Features

Domain Reputation
PORT scan
Security Misconfiguration
XSS
SQL injection
Phishing Detection
Cross Site Scripting
Malware Scan
6
OS Detection
VTMScan Product Features
Insecure Deserialization
[Diagram: Serialization (Object to Stream of Bytes), File, Deserialization (Stream of Bytes to Object)]
7
VTMScan Product Features
SSL Scan
CMS Scan
Content Change Monitoring
WAF Detection
Banner Grabbing
8
  • VTMScan Product Features

9
  • VTMScan Product Features

Phishing Detection
Protect your customers and safeguard your web application with VTMScan Phishing. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate espionage. Corporate intelligence. Punycode phishing attack detection. VTMScan takes in your domain name as a seed, generates a list of potential phishing domains and then checks to see if they are registered. Additionally, it can test if the mail server from the MX record can be used to intercept misdirected corporate e-mails, and it can generate fuzzy hashes of the web pages to see if they are live phishing sites.

Cross Site Scripting
XSS enables attackers to inject client-side scripts into web pages viewed by others. Scans each and every form in the web pages and scans for GET and POST requests to detect XSS.

Malware Scan
Scans for page defacement and JavaScript code against generic signatures. Special algorithm developed to detect JavaScript obfuscation. Third-party links found in the page are checked in the Google malware database.
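The seed-and-check approach described for Phishing Detection, as an added example that is not part of the presentation and not VTMScan's own code: it generates lookalike names for a domain you own and reports which ones appear in a registration set. The seed, the registered set, the homoglyph table and all function names are assumptions made for illustration; a real monitor would replace the set lookup with DNS or WHOIS queries.

```python
# Constructed sample data: the domain being protected and a stand-in for
# registration lookups (a real monitor would query DNS/WHOIS instead).
SEED = "example.com"
REGISTERED = {"exmaple.com", "examp1e.com", "xn--exmple-cua.com", "example.net"}

# Small homoglyph table (assumption; production tables are far larger).
HOMOGLYPHS = {"l": ["1"], "o": ["0"], "a": ["\u00e4", "\u00e0"], "e": ["\u00e9"]}

def candidates(domain):
    """Map each lookalike of the seed domain to the technique that produced it."""
    name, _, tld = domain.partition(".")
    out = {}
    for i in range(len(name)):
        out.setdefault(name[:i] + name[i + 1:], "omission")
        out.setdefault(name[:i] + name[i] + name[i:], "repetition")
        if i < len(name) - 1:
            swapped = name[:i] + name[i + 1] + name[i] + name[i + 2:]
            out.setdefault(swapped, "transposition")
        for glyph in HOMOGLYPHS.get(name[i], []):
            out.setdefault(name[:i] + glyph + name[i + 1:], "homoglyph")
    out.pop(name, None)  # never report the seed itself
    return {f"{n}.{tld}": kind for n, kind in out.items() if n}

def to_ascii(domain):
    """IDNA-encode so Unicode lookalikes are compared in xn-- (Punycode) form."""
    return domain.encode("idna").decode("ascii")

def find_registered(seed, registered):
    """Return {registered lookalike: technique} for the seed domain."""
    hits = {}
    for cand, kind in candidates(seed).items():
        wire = to_ascii(cand)
        if wire in registered:
            hits[wire] = kind
    return hits

if __name__ == "__main__":
    for domain, kind in sorted(find_registered(SEED, REGISTERED).items()):
        print(f"{domain}\t{kind}")
```
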
10
VTMScan Product Features
Insecure Deserialization
We look for deserialization vulnerabilities in multiple Java frameworks, platforms and applications (e.g. Jenkins, Seam Framework, RMI over HTTP, Remote, Java Server Faces - JSF).
We check for deserialization vulnerabilities in Servlet, Apache Struts2, JBoss Application, jmx-console, admin-console, web-console, JMXInvokerServlet.
[Diagram: Serialization (Object to Stream of Bytes), File, Deserialization (Stream of Bytes to Object)]
11
  • VTMScan Product Features

CMS Scan
Automatically detects the CMS (WordPress, Joomla, etc.). Scans all themes, plugins and unprotected admin areas. File path disclosure scanning.

SSL Scan
Checks authenticity of the SSL certificate. Checks whether the algorithms used in SSL are weak or not. Checks for POODLE, Heartbleed, DROWN, BEAST, Logjam, etc. Detects if the SSL certificate is expired.

Security Misconfiguration
Checks for misconfigured HTTP security headers. Checks for HTTP flag Secure, TRACE method enabled. Checks for directory indexing access.
12
VTMScan Product Features
OS Detection
Checks the operating system of the web server and its version. Verifies the OS and its version against a vulnerability database. Reports if a vulnerability is present on the detected OS version.
13
  • VTMScan Product Features

Content Change Monitoring
Creates a snapshot of the current state of your website. Each time, compares the current state of the website with the snapshot and informs you if any changes are observed on the website.

Banner Grabbing
Finds all possible information regarding the website. Finds subdomains. Finds web server information.

WAF Detection
Detects if the website is protected by a Web Application Firewall. Sends malicious payloads to the website and checks if any defense mechanism used by the website is blocking or filtering requests.
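One way to implement the snapshot comparison described under Content Change Monitoring, with the change reported per link as a percentage. This is an added example, not part of the presentation and not VTMScan's code; the sample pages, the token-based diff and the function names are assumptions.

```python
import difflib
import hashlib

# Constructed sample pages: URL path -> HTML at baseline time and at re-check time.
BASELINE_PAGES = {
    "/": "<h1>Welcome</h1> <p>Contact us at the front desk</p>",
    "/about.html": "<p>About our company</p>",
    "/old.html": "<p>Legacy page</p>",
}
CURRENT_PAGES = {
    "/": "<h1>Hacked</h1> <p>Contact us at the front desk</p>",
    "/about.html": "<p>About   our company</p>",  # whitespace-only difference
    "/new.html": "<script src='//cdn.invalid/x.js'></script>",
}

def tokens(html):
    """Whitespace-normalised tokens of the raw HTML. Markup is kept on purpose
    so that an injected <script> tag counts as a change."""
    return html.split()

def snapshot(pages):
    """Store a digest (cheap equality check) and the tokens for each URL."""
    snap = {}
    for url, html in pages.items():
        toks = tokens(html)
        digest = hashlib.sha256(" ".join(toks).encode("utf-8")).hexdigest()
        snap[url] = (digest, toks)
    return snap

def compare(baseline, current_pages):
    """Return {url: percent changed} for every URL that differs from baseline."""
    current = snapshot(current_pages)
    report = {}
    for url in sorted(set(baseline) | set(current)):
        if url not in baseline or url not in current:
            report[url] = 100.0  # page appeared or disappeared
        elif baseline[url][0] != current[url][0]:
            matcher = difflib.SequenceMatcher(
                None, baseline[url][1], current[url][1], autojunk=False)
            report[url] = round((1 - matcher.ratio()) * 100, 1)
    return report

def demo():
    return compare(snapshot(BASELINE_PAGES), CURRENT_PAGES)

if __name__ == "__main__":
    for url, pct in demo().items():
        print(f"{url}\t{pct}% changed")
```
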
14
  • VTMScan Portal- Home

Scan Grid
Upcoming Scans
Last Scans
Closed Domains
Queued Scans
15
  • VTMScan Portal- Adding and Editing Domain

List of scanned website
Details of scanned website
16
  • VTMScan Portal -Troubleshoot using Ping

Enter hostname/IP and submit to check if the website is live and active. Example: esds.co.in
17
  • VTMScan Portal Troubleshoot using Telnet

Enter hostname/IP with port number and submit to check if the website is live and active. Example: esds.co.in 80
18
  • VTMScan Portal Adding and Editing Domain

Enter hostname to check if the website is live and active by checking page status. Example: esds.co.in
19
  • VTMScan Portal Reports

Click here to get a detailed report about the website scan
Short description of vulnerability types and the links affected by them.
20
  • VTMScan Portal Scan Info

Scan short summary
Vulnerabilities and its severity
Export Scan Report
Details of scanned website
21
VTMScan Portal Scan Info
Types of Reports
URL Report: Report containing full list of websites
Scan Report: Complete Report without recommendations
Content Change Report: Report containing CCM results.
Scan Report with Recommendations: Complete Report
Brief Scan Report: Report containing only vulnerability count
22
  • VTMScan Portal Banner Grabbing Report

Domain reputation in Top RBLs
OS Detection
Open ports and services running on it
23
  • VTMScan Portal Flag Set Detection Report

Detects HTTPOnly Flag set status
24
  • VTMScan Portal Sensitive URLs Report

Lists Admin/Login Pages/Sensitive URLs/Directory Access
25
  • VTMScan Portal OWASP Audit Report

Attack type, affected URL and alert generated
OWASP Attack types
26
  • VTMScan Portal Page Vulnerability Scan Report

Detects sensitive data exposure, shell found, insecure view state found
27
  • VTMScan Portal Content Change Monitoring Report

Shows individual links and the amount of content change in percentage
Click here to get a detailed report on content change
28
  • VTMScan Portal Content Change Monitoring Report

Changed Website page
Actual website page
Red indicates where the changes are observed
29
Thank You