Detectify for WP

Detectify analyze the the level of security on your website or blog via a simulated hacker attack.

Author:David Hallenius & Fredrik N. Almroth & Mehdi Kitane (profile at wordpress.org)
WordPress version required:3.0
WordPress version tested:3.9.1
Plugin version:1.1.4b
Added to WordPress repository:29-10-2012
Last updated:01-08-2014
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Rating, %:80
Rated by:4
Plugin URI:
Total downloads:5 809
Active installs:200+
plugin download
Click to start download

Detectify analyze the level of security of your website -- Simple to use and understand.

Detectify is cloud based web application security scanner that analyses and reports the security status of your website. Basically the solution simulates a hacker attack on your site and let you know what security flaws your website have. After the scan you are presented with an easy to understand report, listing the vulnerabilities on the site and probable consequences of them. All you need to do is create an account on the Detectify website and install the meta code in this plug in and your are ready to go!

Detectify does extensive checks on all user data supplied to your application - everything ranging from GET, POST, HTML Forms, Cookies and Headers.

Detectify probes for the following set of exploits:

  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • Reflected Cross Site Scripting flaws (XSS)
  • DOM-based Cross Site Scripting flaws (DOM XSS)
  • Cross Frame Scripting flaws (XFS)
  • Error-Based SQL Injection in the following database systems:
  • MySQL, PostgreSQL, Microsoft SQL Server, Microsoft Access, MongoDB, CouchDB, SQLite, Firebird, Oracle SQL, Informix, IBM DB2, Sybase, MaxDB and Ingres.
  • Blind SQL Injection flaws in: MySQL, PostgreSQL and Microsoft SQL Server.
  • Open Redirect bugs
  • Query-based Cross Site Scripting
  • Remote Command Execution
  • Remote Code Execution
  • Evaluates CGI test-scripts
  • HTTP TRACE and TRACK Cross Site Scripting
  • Cross Site Agent Scripting (XSA)
  • Cross Site Referrer Scripting (XSR)
  • PHP NULL Session path disclosures
  • PHP Array path disclosures


Screenshots
FAQ
ChangeLog