https://www.tenable.com/products/nessus/nessus-professional https://www.tenable.com/products/nessus-home ---- https://cirt.net/Nikto2 https://github.com/sullo/nikto ---- http://www.zaproxy.org/ https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project https://github.com/zaproxy/zaproxy/wiki/Downloads ---- https://code.google.com/archive/p/skipfish/ ---- http_conf Default :: ServerTokens OS >>> ServerTokens Prod others add ServerTokens Prod ??? add Header always append X-Frame-Options SAMEORIGIN php.ini expose_php=On >>> expose_php=off http-SSL SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 >>> SSLProtocol +TLSv1.2 ¤ËÊѹ¹ How2CHECK openssl s_client -connect test.your.host.name:443 -tls1_1 NG openssl s_client -connect test.your.host.name:443 -tls1_2 OK