Sansec eComscan

Sansec eComscan is a security scanning tool designed specifically for ecommerce platforms including Magento, Adobe Commerce, Shopware, and WooCommerce. The tool performs server-side deep scanning to detect malware and vulnerabilities across the full attack surface of online stores. eComscan maintains a database of over 50,000 malware signatures that are updated daily. The scanner examines files, databases, processes, scheduled tasks, and other system components to identify malicious code that may be hidden from remote scanning solutions. The tool is built using a Golang server agent that provides comprehensive coverage beyond what PCI Approved Scanning Vendors or Adobe Security Scan can detect. The Sansec Early Breach Global Detection Network monitors over 400,000 online stores daily, identifying anomalies that the research team investigates to develop new threat intelligence and signatures. This research capability allows Sansec to discover new attack methods, with 47% of their threat intelligence being previously undiscovered. eComscan offers a free scanning option via command line for Linux and Mac systems. Paid plans include detailed reporting, troubleshooting guides, and instant alerts via email, Slack, or API webhook when new security threats are detected. The tool focuses on ecommerce fraud prevention and provides application-aware reports covering known attack vectors discovered through forensics research. Sansec partners with organizations including Google's VirusTotal and Europol to contribute specialized intelligence on ecommerce security threats.