Security Scanner for Drupal installations to quickly identify potential security issues, server reputation and other aspects of the web server.
Drupal is one of the worlds leading content management system. It is used on a large number of high profile sites. It is known for its security and being extensible. Perform a simple Drupal security test by filling out the following form. Our system will test your website in a non-intrusive manner and display any discovered vulnerabilities or configuration errors.
Perform a Free Drupal Security Scan with a low impact test.
Check any Drupal based site and get a high level overview of the sites security posture. Once you see how easy it is grab a membership and test Drupal with the dedicated Active Checks, Nikto, OpenVAS and more.
Low Impact Recon Immediate Results No login required
Membership Benefits
Access advanced network mapping and regular scan schedules.
Detect
Detect version, interesting URLS and extensions with Droopescan
Identify
Identify the attack surface through extension and theme enumeration.
Access Granted
To 27 Vulnerability Scanners & IP Tools.
Test
Test Drupal with OpenVAS and Nikto Scanners
About Drupal Security Testing
This Drupal security test checks for common security issues, misconfigurations, and exposure indicators. It also reviews linked hosts and related infrastructure for basic reputation and security signals.
The free scan uses passive analysis only. It gathers information from normal web requests, HTML source, JavaScript, and other publicly accessible content without sending aggressive security probes.
The advanced testing options use active security checks to request known Drupal paths and module locations, helping identify exposed components, attack surface, and security issues that may not be visible through passive analysis alone.
Our online security testing tools for Drupal and other web platforms support a wide range of use cases, from quick checks to more detailed security testing.
Comprehensive Security Testing
- Get informed with detailed technical reporting
- Assess the Security Posture of Any Web Site
- Test underlying server and network accesses
- Attack Surface Analysis with Bulk Testing
- Intelligence for Red Teams, Blue Teams and Web Site Ops
- Full Access to 28 Vulnerability Scanners & Tools
Compare Free Check vs Membership
Start with a free Drupal security check, then upgrade for deeper testing and full access to the security toolkit.
Free Drupal Check
- Drupal version check
- Threat intelligence and blocklist checks
- Directory indexing checks on common paths
- External links found on the main page
- Passive detection of components and modules
- JavaScript link analysis, including host blocklist checks
- Web Server, hosting infra, and geolocation details
Membership Upgrade
- Active Drupal testing of common paths, modules, and extensions
- Vulnerability testing with OpenVAS
- Website script and framework checks with Nikto
- Bulk passive surveys for web technologies and related details
- Ongoing monitoring for port and vulnerability changes with scheduled Nmap and OpenVAS scans
- Full access to the security testing toolkit, including port scanning, web server testing, and vulnerability scanning
Upgrade to Membership
7 day money back guarantee
About Droopescan and Active Drupal Testing
Droopescan is a well-known open source project for Drupal, Joomla, Moodle, SilverStripe, and WordPress enumeration. It has been a useful tool for understanding how web application fingerprinting and component discovery work, and it remains a good reference project for security researchers and defenders.
Our Drupal active scan no longer relies on Droopescan directly. Instead, it uses our own maintained checks designed to better reflect current Drupal deployments and provide more up-to-date testing coverage.
For users who want to explore the project, Droopescan is available on GitHub and may also be found in security-focused distributions such as Kali Linux.
