What we checked Here are some examples of what we checked your targets and their reachable webpages for. Total checks 143,306 Targets 3 Issues discovered 0  Vulnerable software & hardware Web servers, e.g. Apache, Nginx Mail servers, e.g. Exim Development software, e.g. PHP Network monitoring software, e.g. Zabbix, Nagios Networking systems, e.g. Cisco ASA Content management systems, e.g. Drupal, Wordpress Other well-known weaknesses, e.g. 'Log4Shell' and 'Shellshock'  Web Application Vulnerabilities Checks for multiple OWASP Top Ten issues SQL injection Cross-site scripting (XSS) XML external entity (XXE) injection Local/remote file inclusion Web server misconfigurations Directory/path traversal, directory listing & unintentionally exposed content  Attack Surface Reduction Our service is designed to help you reduce your attack surface and identify systems and software which do not need to be exposed to the Internet, such as: Publicly exposed databases Administrative interfaces Sensitive services, e.g. SMB Network monitoring software  Information Leakage Checks for information which your systems are reporting to end-users which should remain private. This information includes data which could be used to assist in the mounting of further attacks, such as: Local directory path information Internal IP Addresses  Encryption weaknesses Weaknesses in SSL/TLS implementations, such as: 'Heartbleed', 'CRIME', 'BEAST' and 'ROBOT' Weak encryption ciphers & protocols SSL certificate misconfigurations Unencrypted services such as FTP  Common mistakes & misconfigurations VPN configuration weaknesses Exposed SVN/git repositories Unsupported operating systems Open mail relays DNS servers allowing zone transfer 2 of 4