Web-scanner.app offers various scan types to cater to different testing needs, ensuring flexibility and control over the security scanning process. Below is an overview of the available scan types and when to use each:
Safe Scan
Description: A conservative scan designed to minimize any risk of impacting your application’s performance or availability.
Use Case: Ideal for production environments where application stability is critical, as this scan type focuses on detecting common, lower-risk vulnerabilities without making any potentially disruptive requests.
Coverage: Limited to low-impact tests, covering basic security checks like header misconfigurations, minimal input fuzzing, and visible endpoint vulnerabilities.
Full Scan
Description: A deep scan that aggressively tests for all potential vulnerabilities, utilizing advanced testing techniques and a high volume of requests.
Use Case: Best for testing non-production environments where a complete security assessment is needed. This scan type is often run on pre-deployment environments to catch all possible issues before release.
Coverage: Covers all known vulnerabilities, including SQL injection, cross-site scripting (XSS), sensitive data exposure, and more, providing an exhaustive analysis of the application’s security posture.
One-Page Scan
Description: A quick, targeted scan that focuses on a single webpage or endpoint.
Use Case: Useful for testing specific components of the application, like a login page or an API endpoint, without scanning the entire application. Often used to verify fixes or test individual features.
Coverage: Limited to the selected page or endpoint, focusing on vulnerabilities that can be detected within the scope of a single page.