
Detectify
Intruder
Acunetix
Probe.ly
Burp Suite
Nessus
Pentest-Tools
Snyk
GuardingWP
Wordfence
Sucuri Security Scanner
WPScan
WordPress Security Scanner
WPCheckr
wpscan.online
WPScans.com
GuardingWP is an external scanner. You enter a URL, it fetches your site's headers and HTML from the outside, probes a set of known WordPress endpoints, and checks your installed plugins against a CVE database. Nothing is installed on your server.
What it's good for: a quick, no-commitment health check. You can scan any WordPress site you own or manage in under 10 seconds without touching the server. It tells you what's currently exposed โ version fingerprints, misconfigured headers, XML-RPC, weak login configuration, vulnerable plugins.
What it doesn't do: it can't detect malware that's already on your server, block live attacks, or monitor your site over time (unless you're on the Pro plan with weekly automated scans).
Use it when: you want to know where your site stands right now, you're auditing a client site before taking it on, or you've just made security changes and want to verify they worked.
Detectify
GuardingWPNo GuardingWP videos yet. You could help us improve this page by suggesting one.
GuardingWP's answer:
GuardingWP combines automated security scanning with plain-English fix instructions and an optional done-for-you fix service โ all in one place. You don't just get a list of problems; you get told exactly how to fix them, or we fix it for you.
GuardingWP's answer:
Most WordPress security tools are bloated plugins that slow your site down or require ongoing subscriptions just to see basic results. GuardingWP is lightweight, requires no plugin install, and gives you a full security report from a simple URL scan โ no technical knowledge needed.
GuardingWP's answer:
WordPress site owners who aren't developers โ small business owners, freelancers, bloggers, and agencies managing client sites who want to know their site is secure without hiring a security specialist.
GuardingWP's answer:
While building and maintaining WordPress sites for clients, I kept finding the same security issues over and over โ misconfigured headers, exposed login pages, outdated plugins. I built GuardingWP to make it easy for any site owner to catch these problems before they become breaches.
GuardingWP's answer:
Next.js, TypeScript, Tailwind CSS, SQLite, and Node.js โ hosted on a Hetzner VPS with Caddy as the web server.
GuardingWP's answer:
Currently in early stages, so no enterprise customers to name yet.
Based on our record, Detectify seems to be more popular. It has been mentiond 4 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Detectify once made an offer of making free scans which I took them up on. There are plenty of free Content Security Policy (CSP) and other vulnerability checkers around such as Observatory or Pentest. Shields UP!! Will identify which ports you have open. Source: over 2 years ago
Detectify | Community Manager, Crowdsource | REMOTE (Offices in Boston, US & Stockholm, Sweden. We help with relocation if wanted) https://detectify.com/ We are a cyber security company in the industry, and more specifically the EASM (External Attack Surface Monitoring) space by automating and scaling the knowledge of hundreds of ethical hackers through our SaaS platform. Currently through our unique to Detectify... - Source: Hacker News / over 4 years ago
A concept-level idea would be this: 1) For your staging/UAT environment pipeline stages, add a "DAST scan" step, eg. With Detectify (which also has an API accommodating this need) 2) I'd assume, independently from the DAST scan, you ran some tests on UAT. Allow the scan to complete during the time it takes to run your UAT tests. After that, you'll get a report (automated or not) from your scanner. 3) When... Source: about 5 years ago
Subdomain takeover was pioneered by ethical hacker Frans Rosรฉn and popularized by Detectify in a seminal blogpost as early as 2014. However, it remains an underestimated (or outright overlooked) and widespread vulnerability. The rise of cloud solutions certainly hasn't helped curb the spread. - Source: dev.to / over 5 years ago
Intruder - Intruder is a security monitoring platform for internet-facing systems.
Wordfence - Comprehensive security plugin for WordPress.
Acunetix - Audit your website security and web applications for SQL injection, Cross site scripting and other...
Sucuri Security Scanner - Sucuri Security Scanner is a web-based tool that is used to protect the website from intruders and hackers.
Probe.ly - Intuitive and easy-to-use webapp vulnerability scanner
WPScan - WPScan is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their sites.