Scans for website, host, and middleware vulnerabilities, as well as weak passwords.
Monitors the latest network vulnerabilities in real time, updates detection rules immediately, and detects asset risks promptly.
Using harmless scan, dynamically adjusts scanning frequency and analyze how detection results are correlated.
Compliance with Huawei and Center for Internet Security (CIS) benchmarks, checks for configuration weaknesses to expose vulnerabilities.
Website vulnerabilities are likely to be exploited by hackers, which can have a crippling impact and lead to financial loss if not addressed quickly.
Incorporates a vulnerability rule library for scanning all types of websites and produces comprehensive scan reports.
Security experts analyze the latest critical vulnerabilities and update rules to provide the fastest and professional CVE vulnerability scan.
Hosts delivering important services may be exposed to vulnerabilities and non-compliant configurations.
Connects to servers for operating system (OS) detection, multi-dimensional detection, and configuration checking after verification.
Allows access to servers where services are running using the password. This feature is ideal for enterprise networks.
Passwords are usually used for remote login to assets such as hosts or middleware. Attackers often use scanning technologies to hack usernames and weak passwords.
Offers weak password detection for standard web services, all OSs, and 90% of all middleware, including databases.
Simulates hacker detection of weak passwords in various scenarios. You can also use your own weak password library to detect passwords.
If a hacker discovers and exploits vulnerabilities in the middleware, the security of the upper layer and lower layer is compromised.
Supports vulnerability scanning of foreground development frameworks, and background microservices, as well as configuration compliance scanning.
Chooses standard scan or custom scan to identify the middleware and its version in the server and discover vulnerabilities and risks.
Enables specialized vulnerability scanning of assets, including web applications, hosts, middleware and weak passwords.
SSH, RDP, SMB, MySQL, Microsoft SQL Server, MongoDB, Redis, Oracle, DB2, GaussDB, Postgres, and Telnet
Command injection, code injection, XPath injection, Server-Side Request Forgery (SSRF), and deserialization
SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and URL redirection
Reading, inclusion, and upload of any file, and XML External Entity attack (XXE attack)
Port exposure, directory traversal, backup files, insecure files, insecure HTTP methods, and insecure ports
Dynamically adjusts the scan speed, monitors the latest network vulnerabilities 24/7, and responds in real time.
Experts update detection rules upon discovering critical and high-risk vulnerabilities, help locate the affected servers or websites, and provide detailed recommended steps for resolving potential security issues.
Used for adjusting the scan speed based on site load, ensuring service continuity.
Prevents dirty data from being written into databases.
Generates a comprehensive scan report with detected vulnerabilities classified and repair proposal.
Collects, analyzes, and correlates statistics on each scan result, and displays the scan trends and vulnerability distribution, facilitating vulnerability management.
Provides detailed information, including URLs, vulnerability names, and descriptions, that can be downloaded to a local PC.
Classifies vulnerabilities by severity and provides recommendations on how to fix each type.
Allows you to customize scan rules, such as scan strength, to meet a variety of service requirements.
Allows you to set the crawler user agent (UA) and exclude links from being crawled, enhancing scan security.
Allows you to select a scan plugin based on requirements to scan specific types of vulnerabilities and quickly identify risks.
Allows you to customize the start time of a scan, avoiding peak service hours.