Posted by cjordan on August 13, 2015 at 10:51pm
Hello group members,
I am looking for a way to scan my drupal sites for security issues. I found this site online https://hackertarget.com/drupal-security-scan/. Thanks for your comments in advance.

Comments
Tools and options
The site you mentioned is not comprehensive at all and provides some confusing output.
Uh, yes, that's accurate, 7.38 is higher than 7.32.
It checks to see if directory indexing is enabled and a couple other minor checks. Honestly, I think it just drives traffic to their professional services with some very minimal analysis.
No one algorithm will capture everything, but a number of tools can be used together.
I'm partial to https://drupal.org/project/site_audit used in conjunction with https://drupal.org/project/security_review https://drupal.org/project/hacked and https://drupal.org/project/unused_modules - but with the caveat that I'm the author of site_audit so my opinion might be skewed.
Also, http://sourceforge.net/projects/rips-scanner/files/ has found some vulnerabilities not detected elsewhere.
Auditing the hosting environment is another task altogether. Are all the components in the stack up-to-date, correctly configured, and appropriate for the task at hand?
Thanks
Hello,
I am very grateful for the information. I will certainly put it to good use. Thanks so much. I have hosting that I resell, VPS hosting with WHM. I have a small startup that caters specifically to drupal. I have had my issues with various hosting companies and in my experience most don't offer support for drupal specific related issues. I usually have to troubleshoot my own issues and needs, drupal needs resources to run smoothly. So I offer support borrowing from my years of experience from drupal 6 days till now. I do not delve too deep into the code I mostly try to make sure that the sites are patched with the latest updates and that my customers get the best possible support for their projects.
Hi cgordan, there's a group
Hi cjordan, there's a group called Site Audits:
https://groups.drupal.org/site-audits
Would you like to cross-post this to that group?