<!doctype html>
<html class="no-js" lang="en">
<head>
<meta charset="utf-8">
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="The simplest cloud security scanner with 0% false positives."/>
<title>Checksum Cloud Security Scanner - Fallible</title>
<link rel="apple-touch-icon" href="apple-touch-icon.png">
<link href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400" rel="stylesheet">
<!-- Place favicon.ico in the root directory -->
<link rel="stylesheet" href="styles/main.css">
<script src="scripts/vendor/modernizr.js"></script>
</head>
<body>
<!--[if lt IE 10]>
<p class="browserupgrade">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p>
<![endif]-->
<div class="container">
<header>
<nav class="navbar navbar-light navbar-fixed-top" id="top-nav">
<button class="navbar-toggler hidden-md-up" type="button" data-toggle="collapse" data-target="#exCollapsingNavbar" aria-controls="exCollapsingNavbar" aria-expanded="false" aria-label="Toggle navigation">
☰
</button>
<a class="navbar-brand" href="/">Fallible</a>
<ul class="nav navbar-nav text-right pull-md-right pull-lg-right hidden-sm-down">
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" href="#">PRODUCTS</a>
<div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
<a class="dropdown-item" href="fallible-managed-security">Fallible Managed Security</a>
<a class="dropdown-item" href="cybersecurity-due-diligence">Cybersecurity Due Diligence</a>
<a class="dropdown-item" href="checksum-security-scanner">Checksum Security Scanner </a>
<a class="dropdown-item" href="portfolio-package">Portfolio Package</a>
</div>
</li>
<li class="nav-item">
<a class="nav-link" href="pricing">PRICING</a>
</li>
<li class="nav-item">
<a class="nav-link" href="https://fallible.co/blog">BLOG</a>
</li>
<li class="nav-item">
<a class="nav-link" href="faq">FAQ</a>
</li>
<li class="nav-item">
<a class="btn dashboard-button" href="https://dashboard.fallible.co/login">Open dashboard</a>
</li>
</ul>
<div class="collapse" id="exCollapsingNavbar">
<button class="navbar-toggler hidden-md-up" type="button" data-toggle="collapse" data-target="#exCollapsingNavbar" aria-controls="exCollapsingNavbar" aria-expanded="false" aria-label="Toggle navigation">
☰
</button>
<p><a class="mobile-link" href="pricing">Pricing</a> </p>
<p><a class="mobile-link">Blog</a></p>
<p><a class="mobile-link" href="/faq">FAQ</a></p>
<p><a class="mobile-link" href="/cybersecurity-due-diligence">Due Diligence</a></p>
<p><a class="mobile-link" href="/checksum-security-scanner">Checksum Scanner</a></p>
<p><a class="mobile-link" href="/fallible-managed-security">Managed Security</a></p>
<p><a class="mobile-link" href="/portfolio-package">Portfolio Package</a></p>
<p> <a class="btn btn-danger" href="https://dashboard.fallible.co/login">Login</a></p>
</div>
</nav>
</header>
</div>
<div class="container-fluid product background-checksum">
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12">
<h1 class="title">Checksum Security Scanner </h1>
<h3 class="subtitle">A learning cloud-based security scanner</h3>
<div class="action-button">
<button class="btn btn-lg btn-danger button-size">Early access</button>
</div>
</div>
</div>
</div>
<div class="container product-info">
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12">
<h1 class="icon"><i class="fa fa-chrome" aria-hidden="true"></i></h1>
</div>
<div class="col-sm-12 col-md-12 col-lg-12">
<h1 class="header">Security tests right in your browser</h1>
</div>
</div>
<div class="col-sm12 col-md-6 col-lg-6">
<p class="content">
Checksum is a Chrome extension that checks your web app for security vulnerabilities. You just need to go to your web app and test your features. We record the process, including the network API calls made along the way, and send the recording to our cloud servers for processing.
<br> You get an alert mail when the tests are complete. After fixing the issues, you just need to replay your last recorded process to verify whether the issues discovered last time have been fixed. You can even rerun these checks periodically from our dashboard. Later, when you create a new feature, just add a recording of its usage via our extension and you are good.
<br>
</p>
</div>
<div class="col-sm12 col-md-6 col-lg-6">
<p class="content">With proxies or installable scanners, you need to install a certificate before you can get the HTTPS data for analysis. Using a Chrome extension bypasses this hurdle.
<br> We can reuse the authentication token/cookie the browser receives after you log in to your web app with your test account to crawl your website automatically. No need to provide authentication details and URLs to us.
<br> If you are a startup or a fast-moving company, Checksum ensures you do security sanity checks quickly before releasing your product, for every release.
</p>
</div>
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12">
<h1 class="icon"><i class="fa fa-check-circle" aria-hidden="true"></i></h1>
</div>
<div class="col-sm-12 col-md-12 col-lg-12">
<h1 class="header">Security as simple as browsing the web</h1>
</div>
</div>
<div class="col-sm12 col-md-6 col-lg-6">
<p class="content">Install the extension, browse to your web app/API explorer, log in and use the features you want to check, and our extension will smartly figure out the vulnerabilities and show them in order of importance. You can also use our spider mode (like other security scanners) to automatically crawl your app and discover links, but it would be less effective and might not cover all your API endpoints.</p>
</div>
<div class="col-sm12 col-md-6 col-lg-6">
<p class="content">Apart from the SQL injection, XSS and CSRF issues shown by traditional scanners, we also detect issues like use of vulnerable JS libraries, data leaks due to improper authorization, missing secure HTTP headers and logical vulnerabilities like reset password token expiration, poorly designed OTP systems, exposed ports and software like Redis or Elasticsearch on the current machine, etc. We intend to focus mostly on automating checks for logical vulnerabilities.</p>
</div>
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12">
<h1 class="icon"><i class="fa fa-calendar" aria-hidden="true"></i></h1>
</div>
<div class="col-sm-12 col-md-12 col-lg-12">
<h1 class="header">Continuously updated with new checks</h1>
</div>
</div>
<div class="col-sm12 col-md-6 col-lg-6">
<p class="content">With an ever-increasing repository of publicly and privately known vulnerabilities, you are assured of checks against all known vulnerabilities and more.</p>
</div>
<div class="col-sm12 col-md-6 col-lg-6">
<p class="content">Checksum automates checks for known CVEs and, based on our own research, for the most commonly occurring vulnerabilities across some of the most popular applications.</p>
</div>
</div>
<footer class="container-fluid">
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12">
<div class="lead-footer">
<form class="form-inline">
<input class="form-control form-control-lg" type="text" placeholder="Your primary domain">
<a class="btn button-inverse btn-lg" href="https://dashboard.fallible.co/signup" role="button">Get Started</a>
</form>
</div>
</div>
</div>
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12">
<div class="align-icons">
<a href="https://www.linkedin.com/company/fallible"><i class="fa fa-linkedin icons" aria-hidden="true"></i></a>
<a href="https://twitter.com/fallible_inc"><i class="fa fa-twitter icons" aria-hidden="true"></i></a>
<a href="https://www.facebook.com/fallible.co"><i class="fa fa-facebook icons" aria-hidden="true"></i></a>
</div>
</div>
</div>
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12">
<div class="align-pages">
<a class="page" href="privacy">Privacy Policy</a>
<a class="page" href="terms">Terms of Service</a>
<a class="page" href="refund">Refund Policy</a>
<a class="page" href="contactus">Contact</a>
<a class="page" href="https://angel.co/fallible/jobs/157321-software-engineer-security-r-d">Join Us</a>
<a class="page" href="https://fallible.co/blog">Blog</a>
</div>
</div>
</div>
<div class="row">
<div class="col-sm-12 col-md-12 col-lg-12 copyright">
<p>© 2016 Checksum Labs, Inc. All rights reserved. </p>
</div>
</div>
</footer>
<!-- Google Analytics: change UA-XXXXX-X to be your site's ID. -->
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-68651333-1', 'auto');
ga('send', 'pageview');
</script>
<script src="scripts/vendor.js"></script>
<script src="scripts/main.js"></script>
<!-- begin olark code -->
<script data-cfasync="false" type='text/javascript'>/*<![CDATA[*/window.olark||(function(c){var f=window,d=document,l=f.location.protocol=="https:"?"https:":"http:",z=c.name,r="load";var nt=function(){
f[z]=function(){
(a.s=a.s||[]).push(arguments)};var a=f[z]._={
},q=c.methods.length;while(q--){(function(n){f[z][n]=function(){
f[z]("call",n,arguments)}})(c.methods[q])}a.l=c.loader;a.i=nt;a.p={
0:+new Date};a.P=function(u){
a.p[u]=new Date-a.p[0]};function s(){
a.P(r);f[z](r)}f.addEventListener?f.addEventListener(r,s,false):f.attachEvent("on"+r,s);var ld=function(){function p(hd){
hd="head";return["<",hd,"></",hd,"><",i,' onl' + 'oad="var d=',g,";d.getElementsByTagName('head')[0].",j,"(d.",h,"('script')).",k,"='",l,"//",a.l,"'",'"',"></",i,">"].join("")}var i="body",m=d[i];if(!m){
return setTimeout(ld,100)}a.P(1);var j="appendChild",h="createElement",k="src",n=d[h]("div"),v=n[j](d[h](z)),b=d[h]("iframe"),g="document",e="domain",o;n.style.display="none";m.insertBefore(n,m.firstChild).id=z;b.frameBorder="0";b.id=z+"-loader";if(/MSIE[ ]+6/.test(navigator.userAgent)){
b.src="javascript:false"}b.allowTransparency="true";v[j](b);try{
b.contentWindow[g].open()}catch(w){
c[e]=d[e];o="javascript:var d="+g+".open();d.domain='"+d.domain+"';";b[k]=o+"void(0);"}try{
var t=b.contentWindow[g];t.write(p());t.close()}catch(x){
b[k]=o+'d.write("'+p().replace(/"/g,String.fromCharCode(92)+'"')+'");d.close();'}a.P(2)};ld()};nt()})({
loader: "static.olark.com/jsclient/loader0.js",name:"olark",methods:["configure","extend","declare","identify"]});
/* custom configuration goes here (www.olark.com/documentation) */
olark.identify('4350-869-10-6474');/*]]>*/</script><noscript><a href="https://www.olark.com/site/4350-869-10-6474/contact" title="Contact us" target="_blank">Questions? Feedback?</a> powered by <a href="http://www.olark.com?welcome" title="Olark live chat software">Olark live chat software</a></noscript>
<!-- end olark code -->
</body>
</html>