Welcome to Verdex, a fast, collaborative, and open-source tool designed to detect online service versions through feature-based analysis, even when traditional versioning information is unavailable. Verdex also determines the accurate vulnerabilities associated with the detected versions. One of the biggest challenges in defensive cybersecurity is identifying vulnerabilities in exposed services, which requires accurately determining the service version. Instead of relying on exposed headers, Verdex quickly analyzes the features present on a service. For example, if a feature was introduced in a specific version, Verdex uses this information to deduce the minimum version of the service (see How It Works for more information).
🪶 Verdex relies solely on non-aggressive methods, in particular by using mostly static assets (javascript, css and html files).
Any unauthorized use of Verdex to analyze or exploit online services is strictly prohibited and violates both our license agreement and applicable laws. Verdex must be used with explicit authorization from the owner or administrator of the targets being scanned.

Essentials

Quickstart

Learn how to run first Verdex detections in seconds.

Products

Explore the services supported by Verdex and vote for the next ones.

Detection Options

Learn about the available Verdex options to optimize your scans.

Vulnerabilities

Discover how to obtain the list of vulnerabilities.

Output Formats

Learn about the different output formats that Verdex supports.

Make it yours

Contribute

How to contribute to Verdex by improving detections or reporting issues.