TEQNIX Dashboard

General

Define the name of this instance. Choose a name that can help you finding it later. Once the test is completed, a notification will be sent to the specified email address.

Occurrence

Define the occurrecnce of the scan against the nominated assets in Scope. The recommended settings is once a week, this will allow to monitor the systems actively and avoid stressing the environment.

Scope

Targets can be IP, domain name or hostnames.
Based on the target type, the Engine will select the appropriate testing.

	#	Name	Target
No result

Reconnaissance

The recon gathers information about the target systems and organization. This phase is essential to discover the target's attack surface.

Subdomains enumeration

Cloud services enumeration

Network

Network scanning discovers services exposed on a target network or system. The services discovered are further analysed in the next automation phases. Disabling this phase will also disable testing for these services.

Full port scan (high speed - dynamic at 10ms scan delay)

UDP scan

Cloud services enumeration

Scan new identified subdomains

Subdomain configuration check

Services

Security vulnerability scanning is performed on network services, followed by targeted testing based on their specific types.

Enumeration

Vulnerability scan

Email security check

DNS security check

Cloud Services

When publicly available cloud resources are identified, we will scan them to detect any access control configuration weaknesses. If you prefer TEQNIX to scan these resources directly, you can specify them as assets.

Access control test

Authentication

Authentication login can be subject to brute-force. This test will assess the target system's resilience against this attack.

Brute-force all services (Limited dictionary with semi-paranoia level with one thread for management services)

Backdoor

Check for the presence of backdoors on your website or web application. The existence of a backdoor is indicative of a compromised system.

Check presence of backdoors

Web Application

This test aims to discover security flaws by probing the application with unexpected and potentially malicious inputs, to identify vulnerabilities, such as input validation issues and security misconfigurations.

Test for XSS, CSRF, SSRF, Directory traversal

SQL and XML injection discovery only (medium paranoia level)

Secure Configuration

Identify services that expose an insecure configuration or that lacks security best practices.

Web Server

VPN service

File server

DNS

Security Compliance

Enabling this feature will trigger the system to search for and generate the required report to meet specific compliance requirements.

To obtain full coverage and comply to below security standards, manual testing is also required.
Apply Here

PCI-DSS (partial coverage)

ISO27001

SOC2

Risk Rating

Risk rating framework for the classification of vulnerabilities. This is the default risk rating classification that will be used by the reporting.

Common Vulnerability Scoring System 3.1 (CVSS specification)

Reporting

The results of the scanning activity will be exported as a PDF file.

PDF report

By proceeding, I confirm that I have authorization to perform testing of the targets specified in the Scope section above.

Run Instance

Notifications

Create an Instance