Security Tests

Before initiating a scan, you have the option to specify the security issues you wish to test for. Follow these steps:

1. On the main page, click on the gear icon in input field to access the scan configurations.
2. In the Tests tab, you can select the desired security tests. For a list of vulnerabilities SmartScanner can detect visit our vulnerability index.

You can also choose from predefined test profiles, each tailored to address specific security concerns:

• Default: Includes tests for all security issues except Denial of Service (DOS) tests.
• OWASP Top 10: Checks for vulnerabilities outlined in the OWASP Top 10, a standard awareness document for web application security. This profile checks for vulnerabilities outlined in both the OWASP Top 10 2021 and 2017.
• Passive: Conducts a scan without sending malformed requests to the server, reducing the risk of causing damage to the backend and minimizing the chance of getting blocked by Web Application Firewalls (WAF). For more insights on passive vulnerability scanning and its benefits, refer to following article: Why you should use passive vulnerability scan on your website.
• Headers Security: Performs a comprehensive scan to evaluate and enhance the security of HTTP headers, crucial for safeguarding web servers against potential threats. Explore our complete guide to HTTP Headers for a deeper understanding of securing websites.
• High Impact: Focuses on identifying critical vulnerabilities for intensive security testing.