Identify Vulnerabilities in your Network and Applications
Security Use Cases
Your Go-to Solution for easy Security Scanning
- It's a quick and straight forward installation. It works on every system and is ready to use from start.
- You can start scans without any configuration right away and use best practice tests. But each scanner also provides extensive configuration options.
- Our architecture is designed for open flexibility and free adjustments. New tools can be integrated fairly simple and you can design your own scan and monitor process.
- Separately configurable for multiple teams, systems or clusters.
Multi Scanner Security Platform
Subdomain Enumeration Scanner
Angularjs CSTI Scanner (WebApplication)
Find AngularJS websites vulnerable to template injections
Automation of the process of detecting the Joomla CMS and its core vulnerabilities
Git Repo Scanner (Repository)
Discover Git repositories
Find potential secrets in repositories
Kube Hunter (Kubernetes)
Kubernetes Vulnerability Scanner
Kubernetes Configuration Scanner
Network authentication bruteforcing
Webserver Vulnerability Scanner
Network discovery and security auditing
Nuclei is a fast, template based vulnerability scanner.
Takes Screenshots of websites
Static Code Analysis
SSH Configuration and Policy Scanner
SSL/TLS Configuration Scanner
Container Vulnerability Scanner
Automation of the process of detecting the Typo3 CMS and its installed extensions
Wordpress Vulnerability Scanner
ZAP Advanced (WebApplication)
WebApp & OpenAPI Vulnerability Scanner extend with authentication features
WebApp & OpenAPI Vulnerability Scanner
Azure Monitor (persistenceProvider)
Publishes all Scan Findings to Azure Monitor.
Cascading Scans (processing)
Cascading Scans based declarative Rules.
Publishes all Scan Reports to OWASP DefectDojo.
Publishes all Scan Findings to Elasticsearch.
Finding Post Processing (dataProcessing)
Updates fields for findings meeting specified conditions.
Generic WebHook (integration)
Publishes Scan Findings as WebHook.
Notification WebHook (integration)
Publishes Scan Summary to MS Teams, Slack and others.
Static Report (persistenceProvider)
Publishes all Scan Findings as HTML Report.
Update Field (dataProcessing)
Updates fields in finding results.
secureCodeBox is an Open-Source project in cooperation with OWASP and with friendly support from iteratec.
OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.
Do you have questions or feedback about secureCodeBox?