Magento Security Scan Tool
This is Magento's official security scanning tool and works for both Magento 1 and Magento 2.
You can get more info from their blog post.
- You first need to setup an account with Magento if you don't already have one: create account
- You then need to navigate to the scanner section of your Magento account and click the "GO TO SECURITY SCANNER" button: scanner
- Agree to the terms and conditions (if you're happy to do so).
- Click "+ ADD SITE".
Follow the steps outlined on the add site page and click "SUBMIT":
- Verify site ownership
Setup SSH Scan (this is marked as coming soon for now so skip this step)
Setup automatic scan.
You should now be able to run a scan from the scanner page in your account: scanner