140 likes | 276 Views
MTvScan (Malware , Trojan, Viruses Scanner) Enterprise Class Security Scanner. Overview. Industry findings. Source: White Hat security May’13. MTvScan Architecture. MTvScan Features. Open ports scan. Domain Reputation.
E N D
MTvScan (Malware, Trojan, Viruses Scanner) Enterprise Class Security Scanner
Industry findings Source: White Hat security May’13
MTvScanFeatures Open ports scan
Domain Reputation • Check Domain Reputation in Google, SURBL, Malware Patrol, Clean-Mx, Phish tank. • Domain Mail server IP Check in 58 RBL(Real-time Blackhole List) and DNSBL (DNS-based Blackhole List) repositories.
SQL Injection Scan Scan for MySQL, MSSQL, PGSQL, Oracle databases. Checks for poorly filtered or in-correct escaped SQL queries into parsing variable data received from user input.
LFI & RFI Scans • Scans for pages from which attackers can include a remote or a local file via a script from web browser. • Occurs due to: • Page include is not properly sanitized. • Allows directory traversal characters to be injected. • Due to the use of user-supplied input without proper validation. • Can lead to other attacks such as cross site scripting (XSS), DDoS, Data Theft etc.
Cross Site Scripting (XSS) Scan • Scans for type of computer security vulnerability typically found in Web applications. • It enables attackers to inject client-side script into Web pages viewed by other users. • Scans each and every form in the webpages and scans for GET and POST requests.
Malware Scan • It scans for page defacement. • Scans JavaScript codes against generic signatures. • Special algorithm developed to detect JavaScript Obfuscation. Obfuscation used to convert vulnerable codes into unreadable format. • Third Party Links found in the page. It also checks third party links into Google malware database.
Intelliscan • Agent based Server side scanning. • Scans all files with generic signatures. • Scan all files with LMD MD5 and Hex signatures. • Analytics based Javascript obfuscation detection.
Automatic CMS scanning • Automatically detects CMS(Wordpress, Joomla, etc). • Scans all themes, plugins, unprotected admin area. • Brut forcing for simple password detection. • FPD - File Path Disclosure scanning. *Any trademarks or logos used are the property of their respective owners
Open Ports scan • Checks for all the ports on the server. • Reports all the insecure ports.