app.investorintros.com

app.investorintros.com:443  ·  2026-05-08  ·  Pentest FULL SCAN
1 High

Executive Summary

TLS Classification: PQC
TLS Version: TLSv1.3
Key Exchange: X25519MLKEM768
Total Findings: 5
Risk Score: 20
1 High 3 Low 1 Info

TLS / Cryptographic Findings

HIGH RSA-2048 Certificate on app.investorintros.com:443

The certificate at app.investorintros.com:443 uses RSA-2048, which Shor's algorithm can break in polynomial time on a quantum computer. Certificates signed with RSA are quantum-forgeable — a quantum adversary could impersonate this endpoint or forge signatures retroactively.

Remediation: Replace the RSA certificate with an ML-DSA-65 certificate issued by Qid. ML-DSA-65 (FIPS 204) is quantum-safe and cannot be forged by quantum computers.
SC-8 SC-17 IA-5 SC.3.177 IA.3.083

INFO PQC Key Exchange Confirmed on app.investorintros.com:443

app.investorintros.com:443 successfully negotiated X25519MLKEM768, a post-quantum hybrid key exchange. This endpoint is protected against harvest-now-decrypt-later attacks.

Remediation: No action required for key exchange. Verify certificate algorithm.
SC-8 SC-13 SC.3.177

Web Application Findings

LOW SSL Certificate Expires in 68 Days

The SSL certificate for app.investorintros.com expires on 2026-07-16. Plan renewal to avoid disruption.

Remediation: Schedule certificate renewal. Consider ACME-based auto-renewal.
SC-17 SC.3.177

Network / Port Findings

Open Ports (2)

80 HTTP: HTTP/1.0 308 Permanent Redirect Content-Type: text/plain L
443 HTTPS: HTTP/1.0 308 Permanent Redirect Content-Type: text/plain

LOW Service Banner Disclosure on Port 80 (HTTP)

Port 80 (HTTP) reveals a service banner: HTTP/1.0 308 Permanent Redirect Content-Type: text/plain Location: https://app.investorintros.com/. Version information helps attackers identify exploitable vulnerabilities.

Remediation: Suppress or genericize the service banner on port 80.
SI-11 SC-7 SI.2.216 T1046

LOW Service Banner Disclosure on Port 443 (HTTPS)

Port 443 (HTTPS) reveals a service banner: HTTP/1.0 308 Permanent Redirect Content-Type: text/plain. Version information helps attackers identify exploitable vulnerabilities.

Remediation: Suppress or genericize the service banner on port 443.
SI-11 SC-7 SI.2.216 T1046

MITRE ATT&CK Mapping

3 techniques identified across 3 tactics

Technique | Name | Tactic | Findings | Mitigation
T1046 | Network Service Discovery | Discovery | 2 | M1030 - Network Segmentation; M1031 - Network Intrusion Prevention
T1557 | Adversary-in-the-Middle | Credential Access / Collection | 1 | M1041 - Encrypt Sensitive Information; M1035 - Limit Access to Resource Over Net...
T1592 | Gather Victim Host Information | Reconnaissance | 2 | M1056 - Pre-compromise; minimize public information disclosure