Evidence-Based Open URL Redirect Scanner
Scan for Server-Side, DOM-based and even FORM-based Open Redirect Vulnerabilities
Evidence-Based Open URL Redirect Scanning At Scale
With dynamically-generated payloads!
Simulate Penetration Tester's Behaviour
Perform an automated series of effective tests to identify, exploit and verify an open URL redirect vulnerability.
Blazing Fast
Scan multiple URLs concurrently with our multi-threaded scanners.
False-Positive Free
Our integrated <span className='text-indigo-600'>Validator Engine</span> drops false-positive rates to 0%.
Advanced Payload Set
With over 35 personalized payloads generated for each target, more than capable of evading strict patterns and WAF rules.
Detailed Reports
Receive detailed reports with actionable steps. Even for edge-cases requiring multiple steps from the end-user.
Instant Notifications
Receive instant notifications once an open redirect vulnerability is discovered. Regardless of the scans' progress status.
FAQ
Frequently asked questions
What types of redirects can REDIRECT X detect?
What types of redirects can REDIRECT X detect?
REDIRECT X is capable of identifying and verifying Server-Side (GET & POST), DOM-based and FORM-based redirects. Including ones that require additional input from the user to trigger (view our demo video for more information)!
Can I scan multiple URLs at the same time?
Can I scan multiple URLs at the same time?
Yes, you can manually supply multiple URLs at the same time.
Additionally, you can also initiate a Deep Scan and automate the whole process from content discovery to scanning for CWE-601!
Is REDIRECT X capable of scanning authenticated parts of my website?
Is REDIRECT X capable of scanning authenticated parts of my website?
Yes it is! You can easily supply request headers (including any authentication headers) to reach parts behind a login form!