The module checks for issues that could lead to vulnerable installations
It also verifies database errors, large numbers of failed logins, administrator permissions, weak passwords, passwords included in emails sent out to users, and PHP execution access.
To install it, simply log in to the administration panel, go to the Modules section, upload the module, and activate it. Security checks can be run from the Reports center. Drupal 6.x/7.x is required to run Security Review.
Download Security Review