📖 Documentation

Complete guide to using Web Iron Shield

Getting Started

Web Iron Shield is a professional website security scanner that helps you identify vulnerabilities before hackers find them. This guide covers everything you need to know.

System Requirements

  • Operating System: Windows 10 or Windows 11
  • Memory: 4 GB RAM minimum (8 GB recommended)
  • Disk Space: 100 MB free space
  • Network: Active internet connection
  • Display: 1280x720 minimum resolution

Installation

Option 1: Setup Installer (Recommended)

  1. Download WebSecurityScannerPro_Setup_v1.9.exe
  2. Double-click to run the installer
  3. Follow the installation wizard
  4. Launch from desktop shortcut or Start Menu

Option 2: Portable Version

  1. Download WebSecurityScannerPro.exe
  2. Place it in any folder
  3. Double-click to run - no installation needed

Running Your First Scan

  1. Enter URL: Type the website URL in the target field (e.g., https://example.com)
  2. Configure Options: Adjust settings if needed:
    • Max Pages: Maximum pages to crawl (default: 500)
    • Max Depth: How deep to crawl links (default: 10)
    • Timeout: Request timeout in seconds (default: 15)
    • Delay: Delay between requests (default: 0.3s)
  3. Start Scan: Click "🔍 Start Scan"
  4. Monitor Progress: Watch real-time activity in the activity panel
  5. Review Results: When complete, review issues in the Issues tab

Understanding Scan Results

Severity Levels

  • 🔴 HIGH - Critical vulnerabilities requiring immediate attention
  • 🟡 MEDIUM - Significant issues that should be addressed
  • 🟢 LOW - Minor issues or recommendations
  • 🔵 INFO - Informational findings

Issue Details

Double-click any issue to see detailed information:

  • Description: What the vulnerability is
  • Evidence: Proof found during scanning
  • Attack Explanation: How hackers exploit this vulnerability
  • Fix Recommendation: How to resolve the issue
  • Code Example: Sample code to implement the fix

Security Check Categories

Web Iron Shield performs 12 categories of security checks:

1. Known Exploits (CVE Database)

Checks against 30+ known vulnerabilities including WordPress, Joomla, Drupal, and PHP exploits from Exploit-DB.

2. Zero-Day Risks

Detects outdated software versions that may have unpublished vulnerabilities.

3. Attack Surfaces

Discovers exposed admin panels, API endpoints, and other entry points.

4. Server Misconfigurations

Tests for directory listing, debug pages, default files, and other misconfigurations.

5. Security Headers

Analyzes HTTP security headers: Content-Security-Policy, X-Frame-Options, HSTS, etc.

6. SQL Injection

Tests input parameters for SQL injection vulnerabilities.

7. XSS (Cross-Site Scripting)

Checks for reflected and DOM-based XSS vulnerabilities.

8. File Upload Security

Analyzes upload forms and directories for potential exploits.

9. Authentication Risks

Tests login forms for rate limiting, password policies, and security issues.

10. API Security

Examines API endpoints for authentication, methods, and data exposure.

11. Malware Detection

Scans for cryptominers, backdoors, webshells, and malicious scripts.

12. Broken Links

Identifies 404 errors and broken resources.

Generating Reports

  1. Complete a scan
  2. Go to File → Save Report (or press Ctrl+S)
  3. Choose a location and filename
  4. Report is saved as an HTML file

Reports include:

  • Executive summary with security score
  • All vulnerabilities with full details
  • Attack explanations
  • Fix recommendations with code examples
  • Professional formatting for client delivery

Tips for Best Results

  • Scan during off-peak hours to minimize server load
  • Use a reasonable delay (0.3-0.5s) to avoid rate limiting
  • Start with default settings, then adjust as needed
  • Re-scan after fixing issues to verify remediation
  • Keep the software updated for the latest vulnerability checks

Legal Considerations

⚠️ Important

Only scan websites you own or have explicit written permission to test. Unauthorized scanning may be illegal and could result in criminal charges. Always obtain proper authorization before scanning any website.

Troubleshooting

Scan takes too long

  • Reduce "Max Pages" setting
  • Increase "Delay" to avoid rate limiting
  • Check your internet connection

Software won't start

  • Make sure you're running Windows 10 or 11
  • Try running as Administrator
  • Check antivirus isn't blocking it

Connection errors

  • Verify the target URL is correct and accessible
  • Check your firewall settings
  • Try increasing the timeout value

Support

Need help? Contact us at taqijoburg@gmail.com

⬇️ Download Software 🔑 License Help