Pete Freitag has launched HackMyCF, a site that can test your ColdFusion servers for security holes, missing hotfixes and patches, and more. You simply provide a server host name and e-mail address, and the app runs a scan and e-mails you a report. Highly recommended!
Pete Freitag Launches HackMyCF
3 Comments
M
Disregard that last comment - I see now that the address the report is emailed to needs to be from the same domain as the site to be checked for vulnerabilities.
M
Very cool. However, is there anything done to verify that a person owns the domain that they type in? Or will this just be a tremendously valuable tool for hackers to have someone else find the vulnerabilities in a potential target site?
N
Nathan Kondra
Yes but the question at the heart of the matter is how secure is Pete's Server?
*Is it on a shared server
*Who has access to the information
*How much information is collected
Looks like a great service and would consider using it / paying for it but need more information inside the Terms / Privacy.