With great power comes great responsibility!


PunkSPIDER it’s an extremely powerful tool, the results of which should be used with extreme care and awareness

And the developers has the same opinion: when you enter the site in fact you are greeted by a pop-up disclaimer that says:

PunkSPIDER 3.0 is now more powerful than ever, but with great power comes great responsibility. 
 
 The goal is to provide free information to website users and owners regarding website security status. 
 
 We take this very seriously, use it wisely or we’ll have to take it away.

Simply type the URL in the search box and find your website: if it was already mapped by punkspider, the webapp displays a simple report, with the number of flaws:


(for more information about the project you can read the official documentation)


What kinds of vulnerabilities are mapped by PunkSPIDER?

  • BSQLI = Blind SQL Injection
  • SQLI = SQL Injection
  • XSS = Cross Site Scripting
  • TRAV = Path Traversal
  • MXI = Mail Header Injection or Email Injection
  • OSCI = Operating System Command Injection
  • XPATHI = XPath Injection

Enjoy!