Shellshock Scanner Free for Everyone
By- October 08, 2014
We care a lot about our customers’ security and every time a new major vulnerability comes out, we have your back. With that, we want to let you know that we added a suite of tests for the recent Bash vulnerability known as Shellshock to the Tinfoil web application scanner last week.
Shellshock is a high-severity vulnerability that allows an attacker to run arbitrary code on a vulnerable server. It’s important that you run a full scan on your sites and update Bash on any that are vulnerable. If you are a customer on any of our paid plans, recent and future scans include these tests. If you’re using our free XSS-only plan, we’ve added the Shellshock tests to run with any of your scans through the end of the year.
For non-customers, feel free to sign up for a Tinfoil Security account. You’ll automatically be enrolled in a free 30 day trial of our Standard plan and post-trial you can always keep scanning your website for XSS for free! Once in a trial, any scan run will test your website for the Shellshock vulnerability. Please note that this does not include scans run from our homepage.