7.576
Bearbeitungen
Änderungen
keine Bearbeitungszusammenfassung
== '''Siwecos Website Scanners''' ==
<br>
<br>
<br>
'''''General:'''''
*[[Reaktionszeit-Ueberschritten/DE | HTTPS-NO-RESPONSE]]<br>
*[[Keine-TLS-Unterstuetzung/DE|HTTPS-NOT-SUPPORTED]]
'''''Zertifikate'':'''
*[[Zertifikat-Abgelaufen/DE|CERTIFICATE-EXPIRED]]<br>
*[[Zertifikat-Nicht-Gesendet/DE|CERTIFICATE-NOT-SENT-BY-SERVER]]<br>
*[[Zertifikat-Nicht-Gueltig/DE|CERTIFICATE-NOT-VALID-YET]]<br>
*[[Schwache-Verschluesselung/DE|CERTIFICATE-WEAK-HASH-FUNCTION]]
'''''Verschlüsselung'':'''
*[[Schluesselaustauschverfahren/DE|CIPHERSUITE-ANON]]<br>
*[[Geschwaechtes-Verschluesselungsprotokoll/DE|CIPHERSUITE-EXPORT]]<br>
*[[Unverschluesselte-Kommunikation/DE|CIPHERSUITE-NULL]]<br>
*[[Unsichere-Verschluesselungsfunktion-RC4/DE|CIPHERSUITE-RC4]]<br>
*[[Schwaches-DES-Verschluesselungsprotokoll/DE|CIPHERSUITE-DES]]<br>
*[[Verschluesselungsmethode-Client/DE|CIPHERSUITEORDER-ENFORCED]]
'''''Protokolle'':'''
*[[Veraltete-Protokollversion-SSL2/DE|PROTOCOLVERSION-SSL2]]<br>
*[[Veraltete-Protokollversion-SSL3/DE|PROTOCOLVERSION-SSL3]]<br>
*[[PROTOCOLVERSION_TLS13|PROTOCOLVERSION-TLS13]]<br>
'''''Angriffe'':'''
*[[Bleichenbacher-Schwachstelle/DE|BLEICHENBACHER-VULNERABLE]]<br>
*[[Crime-Schwachstelle/DE|CRIME-VULNERABLE]]<br>
*[[Heartbleed-Schwachstelle/DE|HEARTBLEED-VULNERABLE]]<br>
*[[Invalid-Curve-Ephemeral-Schwachstelle/DE|INVALID-CURVE-EPHEMERAL-VULNER ABLE]]<br>
*[[Invalid-Curve-Schwachstelle/DE|INVALID-CURVE-VULNERABLE]]<br>
*[[PADDING-ORACLE-Schwachstelle/DE|PADDING-ORACLE-VULNERABLE]]<br>
*[[TLS-POODLE-Schwachstelle/DE|POODLE-VULNERABLE]]<br>
*[[TLS-POODLE-Schwachstelle/DE|TLS-POODLE-VULNERABLE]]<br>
*[[Sweet32-Schwachstelle/DE|SWEET32-VULNERABLE]]<br>
<br>
*[[DOMXSS-Schwachstelle/DE|SINKS]]<br>
*[[Schadcode-Ueber-Fremde-Quellen/DE|SOURCES]]
'''<span style="color:#c31622">HTTP Security Header Scanner<span>'''
<br>
Unnoticed by the user, the header (HTTP header Protocol) of a webpage is communicated between the client and the server every time the web page is called up and responds. The header influences browser behavior on the client side. For the most part, these are handled independently from the called web application and are defined in the webserver configuration. The [[Header Scanner|HTTP-Security-Header-Scanner]] allow you to check the header ([[HTTP]]-Header) of your web application for insecure configuration settings. The scanner([https://en.wikipedia.org/wiki/Web_crawler Crawler]) checks the information in the [[HTTP]] header of your web page and gives you a report about the detected vulnerabilities which could allow an attacker to launch attacks using a forged caller IP address ([[IP-Spoofing|Spoofing]]). <!--[https://www.siwecos.de/wiki/Kategorie:HTTP_Secure_Header-Scanner Checks des HTTP_Secure_Header-Scanner]--> <br> *[[Content-Security-Policy-Schwachstelle/DE|CONTENT-SECURITY-POLICY]]<br>*[[Content-Type-Nicht-Korrekt/DE|CONTENT-TYPE]]<br>*[[Public-Key-Pins-Deaktiviert/DE|PUBLIC-KEY-PINS]]<br>*[[Keine-Verschluesselung-Gefunden/DE|STRIKT-TRANSPORT-SECURITY]]<br>*[[X-Content-Type-Options-Schwachstelle/DE|X-CONTENT-TYPE-OPTIONS]]<br>*[[X-Frame-Options-Schwachstelle/DE|X-FRAME-OPTIONS]]<br>*[[XSS-Schwachstelle/DE|X-XSS-PROTECTION]] '''<span style="color:#c31622">Information Leakage Scanner<span>'''<br> The [[Info Leak Scanner|Information-Leakage-Scanner]] searches your web applications and gives you a report about unintentionally detailed information on how the application is built, or about the software version that is used, or other information which should not be revealed publicly. These leaks should be fixed as quickly as possible. <!--[https://www.siwecos.de/wiki/Kategorie:InfoLeak-Scanner Checks des InfoLeak-Scanner]--> <br> *[[Content-Management-System-Gefunden/DE|CMS]]<br>*[[Email-Adresse-Gefunden/DE|EMAIL]]<br>*[[Javascript-Schwachstelle/DE|JAVASCRIPT]]<br>*[[Plugin-Gefunden/DE|PLUGIN]]<br>*[[Telefonnummer-Gefunden/DE|TELEFONNUMMER]] '''<span style="color:#c31622">Initiative-S Scanner<span>'''<br> This scanner by [https://initiative-s.de/de/index.html Initiative-S] checks the domain against known blacklists ([https://en.wikipedia.org/wiki/Blacklisting Blacklists]) for [[Phishing]], [[Malware]] and [[Spam]].<br> *[[Phishing-Inhalte/DE|PHISHING-INHALTE]]<br>*[[Spam-Inhalte/DE|SPAM-INHALTE]]<br>*[[Malware-Inhalte/DE|MALWARE-INHALTE]]<br> [[Category:Siwecos-Scanner/EN]]
[[Category:Glossar]]
__NOTOC__