Better Passive Vulnerability Testing with SmartScanner version 1.7

Windows HTTP Stack vulnerability test and more passive tests in the new version of SmartScanner.

What’s new?

Test for HTTP Protocol Stack Remote Code Execution Vulnerability

A critical vulnerability in the Microsoft Windows HTTP Protocol Stack (HTTP.sys) allows remote code execution on Windows machines. This vulnerability has been registered as CVE-2021-31166, and Microsoft has released security updates to fix it. We added a test for this vulnerability in SmartScanner version 1.7 based on this POC.

💡 To test for the Windows HTTP protocol stack vulnerability, choose “Denial of Service Attacks” in test configs.

🛑 This test will cause a blue screen of death on vulnerable targets; that’s why it’s not selected by default.

3 new passive tests

To run the tests above, choose “Passive tests” in scan configs.

Enhancements

A false-positive XSS bug was fixed, and SQL injection accuracy was increased for MySQL and PostgreSQL databases. Tests for vulnerable applications such as PHP, Apache, Nginx, and WordPress were also updated.

Download SmartScanner

More details are in the changelog.