For a limited time only, I am offering an ENTIRELY FREE detailed external security test of your site. It will cost you NOTHING. You don't need to give me any usernames, passwords or details on your hosting - I just need the URL of your site. I will then perform the test which will usually take a day or two, and send you the results which will usually be roughly half a page detailing what tests were conducted and what was found. The tests are partly automated and partly manual. I will be testing for a wide range of vulnerabilities throughout your site including SQL injection, Cross Site Scripting, malicious uploads, directory traversal, malicious includes, etc etc. In return, if you are satisfied with the free audit, I'd ask that you place our badge code somewhere visible on the lower left corner of your website - this will also further add credibility to your site and enhance visitor confidence. Now the audit is free, but of course there are a few terms and points to remember that allow me to offer this service - 1. Your site MUST have at least 1,000 UNIQUE visitors per day from predominantly US/AU/NZ/CA/UK and Western Europe 2. I will offer you assistance in the form of telling you what problems I find, and explaining them. I can not promise to guide you through fixing your code step by step, this would require that you hire a programmer and I just wouldn't have the time to be able to do this on a free audit. 3. The test will detect 98%+ methods that your website may be hacked, however to make it further secure, you would need to hire a security programmer to check your code line by line. Lastly, you will of course need to verify that you are the owner of the site that you are requesting is tested, and that would need to be done via a custom meta tag being added, and a copy of either Analytics or Awstats being provided. Any questions, please just let me know! Regards, Adam Palmer adam AT adamsinfo DOT com
How would it protect against 98% attacks, you would be having millions upon millions of different things to scan for, any real hack attempt would take on services running, or scripts running on the server, I don't see this as nothing but advertisement for your company and the person your supposedly scanning not getting anything out of your "free audit". You should update your website it's showing dates of 2009, now I don't think I would want any "Security Professional" securing my server that can't even update his own website, not to mention running a very insecure word press site. Oh well I kind of like your approach and in a way smart, free advertisement in exchange for you running automated software and having it print a report out. Just my 2 cents.