Security Overview
TechCorp S.A. ยท Last audit: May 15, 2026
Total Audits
6
Since Jan 2026
Open Findings
12
3 high severity
Resolved
34
Closed findings
Security Score
72
โ +8 this month
Recent Audits
All systems monitored| Target | Type | Date | Findings | Status |
|---|---|---|---|---|
techcorp.com | Full Pentest | May 15, 2026 | 3 High | Complete |
api.techcorp.com | API Security | Apr 28, 2026 | 5 Medium | Complete |
admin.techcorp.com | Reconnaissance | Mar 10, 2026 | 2 Info | Complete |
My Audits
All penetration tests performed on your assets
Audit History
| ID | Target | Tools Used | Duration | Date | Report |
|---|---|---|---|---|---|
#AUD-006 | techcorp.com | nmap, nikto, gobuster, theHarvester | 18 min | May 15 | Download PDF |
#AUD-005 | api.techcorp.com | nmap, nikto, whatweb | 12 min | Apr 28 | Download PDF |
#AUD-004 | mail.techcorp.com | nmap, theHarvester, subfinder | 9 min | Apr 01 | Download PDF |
#AUD-003 | shop.techcorp.com | nmap, nikto, gobuster, whatweb | 22 min | Mar 15 | Download PDF |
#AUD-002 | admin.techcorp.com | nmap, gobuster, whois | 7 min | Mar 10 | Download PDF |
#AUD-001 | techcorp.com | nmap, nikto, theHarvester, subfinder | 31 min | Jan 20 | Download PDF |
Security Findings
Vulnerabilities and issues discovered across your assets
Critical
0
High
3
Medium
9
Low / Info
22
Open Findings
12 unresolvedHIGH
Exposed .git directory on techcorp.com
Source code repository accessible publicly. Risk of source code disclosure and credential leakage.
HIGH
Admin panel accessible without 2FA
admin.techcorp.com login does not enforce two-factor authentication. Susceptible to brute-force.
HIGH
SQL injection vector in /api/search
Parameter 'q' not sanitized. Potential for data extraction from production database.
MED
Missing X-Frame-Options header
Clickjacking attack possible on main site and admin panel.
MED
Outdated nginx version (1.18.0)
Running a version with known CVEs. Upgrade to 1.24+ recommended.
MED
Directory listing enabled on /assets/
Web server returns full directory contents. Files and structure exposed to public.
LOW
HSTS not configured
HTTP Strict Transport Security header absent. Users may connect over HTTP on first visit.
LOW
17 subdomains exposed via DNS
theHarvester discovered staging.techcorp.com, dev.techcorp.com and 15 others publicly resolving.
Reports
Downloadable PDF penetration test reports
Available Reports
| Report | Target | Pages | Generated | Action |
|---|---|---|---|---|
| Full Pentest Report #6 | techcorp.com | 24 pp. | May 15, 2026 | โฌ Download PDF |
| API Security Report #5 | api.techcorp.com | 18 pp. | Apr 28, 2026 | โฌ Download PDF |
| Mail Server Report #4 | mail.techcorp.com | 12 pp. | Apr 01, 2026 | โฌ Download PDF |
| E-commerce Report #3 | shop.techcorp.com | 29 pp. | Mar 15, 2026 | โฌ Download PDF |
| Admin Recon Report #2 | admin.techcorp.com | 9 pp. | Mar 10, 2026 | โฌ Download PDF |
| Initial Pentest Report #1 | techcorp.com | 31 pp. | Jan 20, 2026 | โฌ Download PDF |
My Contract
Service agreement and plan details
Active Plan
โ ActiveClient name
TechCorp S.A.
Plan
Professional ยท 6 audits/month
Contract start
January 1, 2026
Renewal date
July 1, 2026
Audits used
6 / 6 this month
Monthly fee
$499 USD / month
Scope
All *.techcorp.com assets
Account manager
admin@smartkali.com
Plan includes
โ6 full penetration tests / month
โAI-generated PDF reports
โReal-time audit dashboard
โ7 Kali Linux security tools
โFindings tracking & remediation
โPriority email support