facebook

Website Security Scanner

Scan Your Website for Malware and Security Issues. Get free trial now

Protection Against All The
Current Threats

  1. Malware Attacks Scan
  2. Reputation Check

The Perfect Port In All Future Web Security Storms

  1. In-Depth Monitoring
  2. 24/7 Incident Monitoring & Response
 

WHY CHOOSE VTMScan?

VTMScan delivers an exuberant delivery experience to the users by the means of websites and web applications.
VTMScan helps in securing your online presence at all times.

 
vtm

In web security, it is important to understand what prevention means and VTMScan helps you by providing a deep scanning solution backed by instant alerts. With VTMScan it can’t get simpler and more cost-effective.

Fully Compatible with all Platforms and Content Management Systems (CMS)
  1. WordPress
  2. Joomla
  3. Drupal
  4. VBulletin_logo

Be at comfort when you know you’re protected.

Get assistance with-

Our passionate team provides you with
  1. Faster responses
  2. Proactive and dedicated team
  3. In-depth scanning
  4. Through and thorough solution
  5. Advanced Security
  6. Best UX
  7. Advanced Application Protection

Enhance Your Website Security With VTMScan to Protect Your Digital Assets

 
seo

Search Engine Friendly

Automatic scanning for CMS and an agent-based server-side scanning

threat

Threat Detection

Proactively scanning malware, security threats, infections, botnets, etc.

webserverfit

Keeps the Web Servers Fit

Performing open port scanning for all security threats & checking mail server IP

attacks

Website Attacks Prevention

Special defence against all types of exploits, advisory security patches, complete trusted and tested security for websites

proactive

Proactive & Flaws Detection

Instant mail alerts and warning alarms for web pages and codes, especially scan reports

intensedet

Specializes in Quick Detection

Remote web-shell and unexpected file-detection along with CMS specific scanning such as WordPress, Joomla.

 

Testimonials

We have served multiple website owners by resolving their biggest challenges
Our hard work has paid off, see what our clients had to say

tasec

We are satisfied with the services of ESDS VTMScan. We are definitely going to buy it again and would also be recommending it to others.

Anil Dhingra, TASEC Ltd.
HCL Comnet Ltd

ESDS VTMScan is a very value-for-money product. We particularly like it for malware scan, content change monitoring, reporting and for its really good customer support team.

Vivek Wanelkar, HCL Comnet Ltd.
spangle

Customized reporting as and when requested for the scans is the best feature of this software. We have been using ESDS VTMScan from 2 to 3 years are sure to use it in the future too.

Ajay Kumar Rai, Spangle Technologies Pvt. Ltd.
sidbi

SIDBI has been using VAPT (ESDS VTMScan) services of ESDS for web applications and websites since 2015. ESDS has been prompt and provided VAPT reports along with necessary recommendations. These services have been found to be satisfactory.

Avinash Ambarkhane, Asst. General Manager, SIDBI
Features of Scan Plans Standard Scan Plan Enterprise Scan Plan
Domains 2 Domains 2 Domains
Total No. of Scans 4 4
Annual Cost 349 249 499 379
Bulk Buy ( No. of Scans X 12) 3499 2499 4999 3749
  Buy Now Buy Now
Reputation and Blacklist Monitoring    
Reputation Monitoring
Blacklist Monitoring
Basic assessment    
Http security header check
OS Vulnerability detection
Banner grabbing
Standard Malware Detection    
SQL Injection
Cross Site Scripting
Malware Detection
Webpage Defacement Detection
Insecure Deserialization
Local File Inclusion
Remote File Inclusion
Advanced Malware Detection    
Content Change Monitoring -
Phishing Page Detection -
Defined scan time -
CMS Scan -
 Port Scan  -
SSL Scan -
URL Monitoring -
Cross-Site Request Forgery -
Additional Functionality    
Error reporting including recommendation 
Email Support

OWASP Top 10:

Open Web Application Security Project (OWASP) refers to an online community that works in the domain of web application security. It releases the list of top-10 vulnerabilities after every few years. VTMScan identifies these vulnerabilities and complies with the rules laid by OWASP. VTMScan scans for Cross-site Scripting, SQL Injections, etc. and report these vulnerabilities along with recommendations to cure these issues.

OWASP
Content

Content Change Monitoring:

VTMScan provides Content Change Monitoring and is an important feature. It scans every page of the website for detecting if any change has occurred. Every change is observed across the entire website along with the respective percentage in the URLs. Here, a snapshot is generated of all the webpages and then each page is scanned for any modifications and changes. Once this is done, irregularities are reported, if any. This feature is of great benefit for the website owners for checking if any changes are being done on the website without their concern.

Malware Scan

Website defacement refers to an attack on a website that can the visual appearance of a webpage.

  1. Forced redirected test for injections
  2. Scanning JavaScript code snippets for generic signatures. Checking for any iframes
  3. Special algorithm devised for detecting JavaScript Obfuscation. Obfuscation is used for converting vulnerable codes into a format that can’t be read easily
  4. Checking for third-party links from reputed databases
  5. Malware monitoring is mostly done for the detection of JavaScript, iframe & Defaced keywords. JavaScript is checked for malicious code. The website is also scanned for any defaced keywords
Malware
Phishing

Phishing

Protecting the customers and safeguarding the website as well as web applications with VTMScan

  1. Look for similar domains
  2. URL hijacking and URL hijacking can be analogous to the website address of the victim or can be of the either forms-
  3. Common misspelling or use of foreign language
  4. Misspelling such as typographical error
  5. Swapping letters in the URL
  6. Using different domain names
  1. Detection of any Punycode phishing attacks

CMS Scan

  1. Very less number of scanners are provided in this feature
  2. Detects CMS tools such as- WordPress, Joomla, Drupal, etc.
  3. Scanning is done for themes, plugins and unprotected admin area
  4. Enumerating users
  1. Use of brute-force for detection of simple passwords
  2. Scanning of File Path Disclosures or FPDs
  3. Detecting CMS across all directories
CMS
Domain reputation

Domain Reputation Check

Domain reputation check done in Google, SURBL, Malware Patrol, Clean-MX and Phishtank

  1. VTMScan performs checking of the user domain across popular domain databases like- Google, SURBL, Malware Patrol, Clean-MX and Phishtank. These have an in-house database that contains the IP addresses and domains that might be extracted for malware, spamming and other phishing activities

Mail server IP check-in 58 RBL Repositories:

RBL or Real-time Blackhole Lists contain IP addresses of all those owners who’ve declined to stop the growth of spams. RBL lists all such IP address from several ISPs and identifies users who’re responsible for all these spams. RBL can also form the list of all ISPs whose servers have been hijacked for serving the purpose of spam relay. VTMScan performs checking of mail server IPs in 58 RBL repositories.

Robust Link Crawling

Link crawling refers to a process of capturing all the URLs of a website. It can be useful for VTMScan to understand how many webpages are existing at a given time instance on websites and what are all these webpages relating to. The website owner can perform cross-checking of his webpages to identify whether they are legitimate or not.

VTMScan performs following tasks under link crawling-

  1. Crawling links from various sources such as- web pages, robots.txt, iframes, hacker’s favorite search engines, directory indexes, and directory traversals.
  2. Checking admin and directory busters.
  3. Checking the directory access
Link Crawling
Banking grabbing

Banner Grabbing

Banner grabbing refers to collecting information related to the user website such as- web server information, header info as well as open ports. Banner grabbing is a technique that is used for gaining information regarding a computer system over a network and the associated services that are running on its open ports. Any intruder can use the banner grabbing for finding network hosts running different versions of applications and OS by using the most-known exploits.

VTMScan performs checks for following-

  1. Scanning of ports
  2. Detecting operating systems
  3. Detection of Web Application Firewall (WAF)

SSL Scan

VTMScan validates checking for SSL Poodle, BEAST, CRIME, Heartbleed, DROWN, etc.

Under SSL Check, the following checks are performed by VTMScan-

  1. NULL Cipher used or is less than 128 bits
  2. Domain is using an invalid security certificate
  3. Domain is using an expired security certificate
  4. Domain using security that is going to expire by the end-of-day
SSL
LFI RFI

LFI & RFI Detection

Local File Intrusion (LFI):

Local File Intrusion refers to a process where the file or a script has been injected on a server using a web browser, allowing traversals in local directories to be injected in case the page is not ‘sanitized’. This attack can give rise to the disclosure of user-sensitive information.

Remote File Inclusion (RFI):

Remote File Intrusion depicts an attack that can explore for vulnerabilities in a web application for including a remote file using a script on the web browser. The intruder might want to exploit the functionalities in an application for uploading malware from different domains.

Q: Does VTMScan scan subdomains of a given domain?

A: Yes, VTMScan performs scanning for subdomains of your website, but you need to provide the subdomains in the additional domain field when you schedule your scan.

Q: Can VTMScan schedule a website scan as per the user time frame?

A: Yes, VTMScan can schedule scans as per the user time frame, thereby not affecting the user website during the crucial and peak times. Users are also provided with a custom scan option where the user can himself set the time frame as per his needs.

Q: What is OS Detection in VTMScan?

A: OS Detection is one of the significant and key features that VTMScan possesses. Most of the time website is coded very securely and becomes very hard to crack. So, the online hackers target the website server’s Operating System. VTMScan predicts the Operating System that you’re using and provides you with vulnerabilities regarding your website.

Q: How exactly does VTMScan Ports remotely?

A: VTMScan evaluates all ports on the server. It then determines all the open ports along with services/products that are running on these ports. It verifies those products in the vulnerability database and reverts with alerts in case any product is vulnerable.

Q: Does VTMScan install any agents on my website?

A : No, VTMScan does not install any agent. VTMScan takes care that it sends you harmless requests and payloads that are not going to affect the performance and availability of your website.

Q : What is WAF?

A : A web application firewall (WAF) refers to an application, server plugin or filter that uses a set of rules for an HTTP conversion. Usually, these rules comprise of common attacks like- cross-site scripting (XSS) and SQL injections. By modifying these rules to the user application, several attacks can be identified and blocked. The effort is to perform customization that is significant and has to be maintained as the application has been modified.

Q : What is Content Change Monitoring and it's usage?

A : Content Change Monitoring is an essential feature of VTMScan that compares the state of your user website with a snapshot of the user website that was previously taken by the user. It informs the user if any changes are observed on the website.

Q : Is Authentication Based Scanning supported by VTMScan?

A : Yes, VTMScan does support authentication-based scanning using htaccess and web-based authentication.

Q : What do you mean by a CSRF vulnerability?

A : CSRF or cross-site request forgery is a one-click attack or session and a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts. Cross-site scripting exploits the trust of a user on a site, however, CSRF exploits the trust of a website on a user’s browser.

Q : Does VTMScan detects CMS? If Yes, then which types of CMS are detected?

A : Yes, CMS is detected in VTMScan. The types of CMS that are detected and scanned in VTMScan include- WordPress, Joomla, vBulletin and Drupal.

Q : How do I get my domain off the phishtank blacklist?

A : Do visit the page- http://www.phishtank.com/contact.php and follow the instructions to report any incorrect phishing page.

24/7

Customer Service supported by professionals

Online chat

Zwave inc

Mr. Israr Ahmad (ZWave Technologies Pvt. LTD)

Host has been an incredible service provider to my company for years, supporting my VPS solutions. I could not be more impressed with their response time, communication, eagerness to solve problems (and explaining the problem), and overall customer service. Whatever the issue, critical or not, they exceed expectations on response times...often receiving support within just a couple minutes. Highly Recommended!! Thanks for being Incredible! -Israr Ahmad, CTO, ZWave Technologies Pvt. LTD.

NetiApps Software Pvt Ltd

Mr. Manoj Pillai, CEO, NetiApps Softwares Pvt.Ltd.

Host has built a great reputation in the industry for their shared hosting options. Their VPS solutions, with optional cPanel support, provide a nice and easy introduction to those that are new to VPS hosting and know their needs require more than a typical shared host. Starting at low price points, Host makes transitioning to a VPS plan reasonable and doable. Host’s strongest point comes from their state of the art datacenter. Featuring a fully-redundant network with no single point of failure and multiple bandwidth providers, uptime should almost never be a concern.

Matoshri College of Management and Research Centre

Mr. Yogesh Gosavi, Director, Matoshri College

Being in education sector it was important for us to have an online platform which can provide complete information about our college. The website needed to be interactive and user friendly and provide an online platform for admissions and registrations. We came across Host.co.in who offered us a complete solution including Domain Registrations, Website Development & Hosting services.

National Health Systems Resource Centre

Dr.Sanjiv Kumar, Exe. Director, NHSRC

We have moved our site to Host, and the support provided was excellent, we could not have done it without your help. “When comparing the performance-versus-price of VPS plans, Host is a solid value in VPS hosting. In addition to great pricing, they offer premium support and excellent uptime compared to other VPS options in the industry. If you’ve outgrown shared hosting, or need the flexibility and security of a VPS, Host is a great choice for you. We look forward to a long relationship.

Professional managed VPS with 24x7 support

Starting At Only
999/mo

Get Started!

Company
Services
Resources
Legal

Copyright © 2021, host.co.in. All rights reserved.