Security Analyzer

A large scale web crawler (considered also as vulnerability scanner tool) to take an overview about security of Moroccan sites

Current architecture / Workflow:


Implemented defence mechanisms scanners:

  • X-Frame-Options
  • HTTP Strict-Transport-Security
  • X-Content-Type-Options
  • Secure cookies
  • HttpOnly cookies
  • CSRF Tokens
  • Content security policy
  • Iframe sandboxing

Implemented vulnerabilities scanners:

  • X-XSS-Protection
  • Mixed-content inclusions
  • Vulnerable remote JavaScript inclusion
  • SSL-stripping Vulnerable Form
  • Outdated Server Software -
  • Outdated CMS
  • Sensitive files
  • HTTP Parameter Pollution
  • Information leakage
  • Insecure SSL implementation


Check the examples in the demos folder