VAPT Tools
Vulnerability Assessment and Penetration Testing (VAPT) consists of a comprehensive range of security testing services designed to identify and address cybersecurity vulnerabilities.

note
Helium offers a variety of VA Scanners and Pentest Tools. Below are the different types available.
VA Scanner
| VA Scanner | Function |
|---|---|
| Website Scanner | Discover vulnerabilities in web applications, including SQL Injection, XSS, and more. |
| Network Scanner | Identify outdated network services, insecure software configurations, missing security patches, and other system vulnerabilities. |
| API Scanner | Identify potential vulnerabilities in API endpoints and improve IoT network security. |
| Wordpress Scanner | Detect vulnerabilities in WordPress sites, such as outdated plugins or themes, insecure configurations, authentication weaknesses, and risks like SQL Injection, XSS, and RCE. It also provides actionable recommendations to enhance WordPress security. |
Pentest Tools
| Pentest Tools | Function |
|---|---|
| Attack Surface Monitoring | Monitor and detect open ports, technologies used, identified subdomains, SSL and domain expiration dates, as well as security headers on your targets. |
| Bruteforce | Test and find weak service credentials on Web Apps, SSH, FTP, MySQL, Telnet, and other protocols. |
| Find Website Directory | Discover hidden directories and files on a website, streamline the information-gathering process. |
| SQLI Exploitation | Discover and verify SQL Injection vulnerabilities within web applications. |
| XSS Hunting | Validate your Proofs-of-Concept and demonstrate the real-world risks of XSS vulnerabilities in web applications. |
info
- To use the XSS Hunting tool, users can only access it directly via the navigation menu. :::
Users can access these tools through the Targets page. When performing a scan via the Targets page, the target value is already pre-defined from when the target was added, allowing you to run the tools directly against it. Once the scanning process is complete, you will receive an email notification. If Telegram or Slack integrations are enabled, notifications will also be sent to those platforms.
:::