Go to Intruder
All Collections
Plans, features and licensing
What checks does Intruder run?

What checks does Intruder run?

And how can you find them in the portal.
Naomi Purvis avatar
Written by Naomi Purvis. Updated over a week ago

You'll find an overview of the plans, below:

Plan

Scanning engine

Number of checks

What's covered?

Essential

OpenVAS

~17,000

  • External infrastructure only

Pro

Premium

Vanguard

Tenable

~140,000

  • External infrastructure

  • Internal endpoints: Windows, Linux + MacOS

You can add an 'authentication license' to any of the plans above, which will increase the checks count by 69. These checks are powered by Owasp Zap and focus exclusively on the types of vulnerabilities that affect web-apps and the servers that host them.

All plans cover:

  • Unintentionally exposed systems
    Checks for software and services which are not recommended to be exposed to the internet

  • Information Leakage
    Checks for information leakage which could be used by hackers to mount further attacks

  • Encryption weaknesses
    Checks for weaknesses in SSL/TLS implementations

  • Misconfigurations & common mistakes
    Checks for misconfigurations, security best-practices, and common mistakes such as exposing code repositories

  • Remote vulnerable Software and missing patches
    Checks (from an external perspective) for software with publicly known vulnerabilities

Pro, Premium and Vanguard plans also include internal scanning (via an agent) for Linux, Windows and MacOS devices. Which offers more comprehensive checks as it is has more privileged access to the machine. Some of the things we check you for include:

  • Local misconfigurations & common mistakes

    No matter how secure the software package is, it can still be configured in an insecure manner - for example leaving default passwords setup; inadvertently leaving admin pages exposed; and not enabling encryption.

  • Vulnerable software packages & missing patches
    Checks your internal targets for vulnerable versions of software packages, frameworks and components, including OS patches, software updates and missing server packages.

Any plan with an Authentication license (and credentials provided) will be checked for:

  • OS command injection

  • Cross-site scripting (XSS); persistent/stored, reflected and DOM-based XSS

  • SQL injection; against multiple types of databases

  • NoSQL injection; specifically against MongoDB

  • LDAP injection

  • XPath injection

  • Server-side includes

  • Server-side code injection

  • Java serialisation weaknesses

  • Buffer and integer overflows

[For a more detailed explanation of the features included in each plan head to this article: Which service is right for me?]

Where can I see the full list of checks you run?

If you have access to the portal, you can see exactly what we test your for. Just head to the dashboard and click Checks available:

👇

Here you can see all the checks your targets will be evaluated against; with the option to filter by CVSS Rating, Check Type, or search by CVE or Check Name:

👇

Clicking on any check will take you through to the Check's Detail page, where you can find information such as date of publication; associated CVEs; the check type (internal, external, authenticated) as well as the and the CVSS rating:

You'll also see which of your targets have been checked for that vulnerability, which weren't; the last known status [Failed or Passed]; and the last scan date.

FAQs

Do all checks get executed all the time?

All checks are enabled, but this does not mean that all checks will be executed against every service that your systems has listening on the internet. Instead, vulnerability scanners will 'fingerprint' the service running on that port and execute checks for that service only (there’s little value in executing a check for a different type of service other than the one that’s listening on your system).

Can I export a list of all the checks?

Yes, absolutely! Just head to the Checks page and hit 'Export to CSV':

Did this answer your question?