Find, fix and prevent threats, before hackers do
Check your digital infrastructure
with a new vulnerability scanner
in just 15 minutes
SaaS for continuous pen testing
See our documentation on SwaggerHub or we will do the integration for you for free
OpenAPI & Integration in Ci/Cd for Secure SDLC
Scanner
Diagnostics
  • We provide multiple types of diagnostics
  • General subdomain search
  • Subdomain search using SSL certificates
  • Reverse resolution of IP addresses
  • IP address search using SSL fingerprints, ASN names
Web-services
  • Checks for secure configuration of common CMSes like Wordpress
  • Checks for possible SQL Injection attack vectors
  • Checks for possible XXE, XXS, LFI / RFI, RCE attack vectors
  • Checks for usage of well-known account credentials
  • Checks for unrestricted external access to files and directories (dirsearch)
  • An analysis of misconfigured HTTP-headers and cookies
  • Checks for cross-site request forgery (CSRF) vulnerabilities
  • Checks for general server misconfiguration
  • General vulnerabilities search based on detected product versions
Monitoring
  • Definition of open services and their versions
  • Searching for new subdomains
  • Controlling the lifetime of SSL certificates
  • Domain name expiration control
Network services
  • Checking the use of standard or anonymous KMs (Mysql, FTP)
  • Checking the current detection
  • Checking well-known SSL vulnerabilities
Diagnostics
  • We provide multiple types of diagnostics
  • General subdomain search
  • Subdomain search using SSL certificates
  • Reverse resolution of IP addresses
  • IP address search using SSL fingerprints, ASN names
Web-services
  • Checks for secure configuration of common CMSes like Wordpress
  • Checks for possible SQL Injection attack vectors
  • Checks for possible XXE, XXS, LFI / RFI, RCE attack vectors
  • Checks for usage of well-known account credentials
  • Checks for unrestricted external access to files and directories (dirsearch)
  • An analysis of misconfigured HTTP-headers and cookies
  • Checks for cross-site request forgery (CSRF) vulnerabilities
  • Checks for general server misconfiguration
  • General vulnerabilities search based on detected product versions
Monitoring
  • Definition of open services and their versions
  • Searching for new subdomains
  • Controlling the lifetime of SSL certificates
  • Domain name expiration control
Network services
  • Checking the use of standard or anonymous KMs (Mysql, FTP)
  • Checking the current detection
  • Checking well-known SSL vulnerabilities
XSignal.io community
Are you an information security specialist? Enhance your experience and become part of a privileged community! Zero-Day Vulnerability Bounty program, new customers, free XSignal access and more!
Services
Audit
Source code audit
Mobile application security
Social engineering
Penetration testing
Vulnerability assessment
Have questions?
Write to us or book free slot for 1-1 conversation
Who are we? XSIGNAL INC is incorporated based in the USA. We are members of the Starta.vc accelerator from New York.
We have partnerships with AWS, Okta, Gitlab, and others.
Services
  • Audit
  • Penetration testing
  • Vulnerability Assessment
  • Source code audit
  • Mobile application security
  • Social engineering
© 2022 XSIGNAL Inc, support@xsignal.io
19801, US, Delaware, 919, Wilmington, North Market Street, 950
Get your service
Choose services
Get your trial
To get the scan results, create an account and get a 14-day-trial period
Payment card details are not required
Ask us
Feel free ask any questions: pricing, billing, partnership, etc
We use cookies to provide the best site experience.
Ok, don't show again
Close