primumterminus.com

primumterminus.com:443  ·  2026-05-19  ·  Pentest FULL SCAN
2 Critical

Executive Summary

PQC
TLS Classification
TLSv1.3
TLS Version
X25519MLKEM768
Key Exchange
14
Total Findings
190
Risk Score
2 Critical 5 High 1 Medium 5 Low 1 Info

TLS / Cryptographic Findings

MEDIUM ECDSA Certificate on primumterminus.com:443

The certificate at primumterminus.com:443 uses ECDSA, which is vulnerable to Shor's algorithm on a quantum computer. While more resistant than RSA, ECDSA certificates will become forgeable as quantum computing matures.

Remediation: Migrate to ML-DSA-65 certificates via Qid.
SC-8SC-17 SC.3.177
INFO PQC Key Exchange Confirmed on primumterminus.com:443

primumterminus.com:443 successfully negotiated X25519MLKEM768, a post-quantum hybrid key exchange. This endpoint is protected against harvest-now-decrypt-later attacks.

Remediation: No action required for key exchange. Verify certificate algorithm.
SC-8SC-13 SC.3.177

Web Application Findings

CRITICAL Sensitive Path Exposed: /.env

The path https://primumterminus.com/.env returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

Remediation: Block public access to /.env. If this is intentional (e.g., robots.txt), ensure no sensitive data is exposed.
AC-3SC-7CM-7 AC.1.004SC.3.177 T1190T1592
CRITICAL Sensitive Path Exposed: /.git/config

The path https://primumterminus.com/.git/config returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

Remediation: Block public access to /.git/config. If this is intentional (e.g., robots.txt), ensure no sensitive data is exposed.
AC-3SC-7CM-7 AC.1.004SC.3.177 T1190T1592
HIGH Sensitive Path Exposed: /backup

The path https://primumterminus.com/backup returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

Remediation: Block public access to /backup. If this is intentional (e.g., robots.txt), ensure no sensitive data is exposed.
AC-3SC-7CM-7 AC.1.004SC.3.177 T1190T1592
HIGH Sensitive Path Exposed: /api/docs

The path https://primumterminus.com/api/docs returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

Remediation: Block public access to /api/docs. If this is intentional (e.g., robots.txt), ensure no sensitive data is exposed.
AC-3SC-7CM-7 AC.1.004SC.3.177 T1190T1592
HIGH Sensitive Path Exposed: /swagger.json

The path https://primumterminus.com/swagger.json returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

Remediation: Block public access to /swagger.json. If this is intentional (e.g., robots.txt), ensure no sensitive data is exposed.
AC-3SC-7CM-7 AC.1.004SC.3.177 T1190T1592
HIGH Sensitive Path Exposed: /openapi.json

The path https://primumterminus.com/openapi.json returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

Remediation: Block public access to /openapi.json. If this is intentional (e.g., robots.txt), ensure no sensitive data is exposed.
AC-3SC-7CM-7 AC.1.004SC.3.177 T1190T1592
HIGH Sensitive Path Exposed: /robots.txt

The path https://primumterminus.com/robots.txt returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

Remediation: Block public access to /robots.txt. If this is intentional (e.g., robots.txt), ensure no sensitive data is exposed.
AC-3SC-7CM-7 AC.1.004SC.3.177 T1190T1592
LOW SSL Certificate Expires in 48 Days

The SSL certificate for primumterminus.com expires on 2026-07-06. Plan renewal to avoid disruption.

Remediation: Schedule certificate renewal. Consider ACME-based auto-renewal.
SC-17 SC.3.177

Network / Port Findings

Open Ports (4)

80 HTTP
HTTP/1.1 301 Moved Permanently Date: Tue, 19 May 2026 03:11
443 HTTPS
HTTP/1.1 400 Bad Request Server: cloudflare Date: Tue, 19
8080 HTTP-Proxy
HTTP/1.1 301 Moved Permanently Date: Tue, 19 May 2026 03:11
8443 HTTPS-Alt
HTTP/1.1 400 Bad Request Server: cloudflare Date: Tue, 19
LOW Service Banner Disclosure on Port 80 (HTTP)

Port 80 (HTTP) reveals a service banner: HTTP/1.1 301 Moved Permanently Date: Tue, 19 May 2026 03:11:12 GMT Content-Type: text/html; charse. Version information helps attackers identify exploitable vulnerabilities.

Remediation: Suppress or genericize the service banner on port 80.
SI-11SC-7 SI.2.216 T1046
LOW Service Banner Disclosure on Port 443 (HTTPS)

Port 443 (HTTPS) reveals a service banner: HTTP/1.1 400 Bad Request Server: cloudflare Date: Tue, 19 May 2026 03:11:15 GMT Content-Type: tex. Version information helps attackers identify exploitable vulnerabilities.

Remediation: Suppress or genericize the service banner on port 443.
SI-11SC-7 SI.2.216 T1046
LOW Service Banner Disclosure on Port 8080 (HTTP-Proxy)

Port 8080 (HTTP-Proxy) reveals a service banner: HTTP/1.1 301 Moved Permanently Date: Tue, 19 May 2026 03:11:54 GMT Content-Type: text/html; charse. Version information helps attackers identify exploitable vulnerabilities.

Remediation: Suppress or genericize the service banner on port 8080.
SI-11SC-7 SI.2.216 T1046
LOW Service Banner Disclosure on Port 8443 (HTTPS-Alt)

Port 8443 (HTTPS-Alt) reveals a service banner: HTTP/1.1 400 Bad Request Server: cloudflare Date: Tue, 19 May 2026 03:11:57 GMT Content-Type: tex. Version information helps attackers identify exploitable vulnerabilities.

Remediation: Suppress or genericize the service banner on port 8443.
SI-11SC-7 SI.2.216 T1046

MITRE ATT&CK Mapping

4 techniques identified across 4 tactics

TechniqueNameTacticFindingsMitigation
T1046 Network Service Discovery Discovery 4 M1030 - Network Segmentation; M1031 - Network Intrusion Prevention
T1190 Exploit Public-Facing Application Initial Access 7 M1048 - Application Isolation and Sandboxing; M1030 - Network Segmentation; M101...
T1557 Adversary-in-the-Middle Credential Access / Collection 1 M1041 - Encrypt Sensitive Information; M1035 - Limit Access to Resource Over Net...
T1592 Gather Victim Host Information Reconnaissance 11 M1056 - Pre-compromise; minimize public information disclosure
← All Engagements