A network vulnerability scanner is a computer program designed to assess computers, computer systems, networks for weaknesses.
Results 1 - 15 of 15
OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user fontend. The core is a server component with a set of plugins to test various vulnerabilities in remote systems and applications. The release introduces new features and a new architecture which forms the basis for turning the vulnerability scanner into a vulnerability management solution. The GPL-licensed Open Vulnerability Assessment System (OpenVAS) has become the Open Source Network Vulnerability Scanner. It is complemented with the largest open collection of vulnerability tests, the daily updated OpenVAS NVT Feed with over 15,500 Network Vulnerability Tests (NVTs).
Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, hosting, and other ISP environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more.
Watcher is built as a plugin for the Fiddler HTTP debugging proxy available at www.fiddlertool.com. Fiddler provides all of the rich functionality of a good Web/HTTP proxy. With Fiddler you can capture all HTTP traffic, intercept and modify, replay requests, and much much more. Fiddler provides the HTTP proxy framework for Watcher to work in, allowing for seamless integration with today’s complex Web 2.0 or Rich Internet Applications. Watcher runs silently in the background while you drive your browser and interact with the Web-application. Watcher is built in C# as a small framework with 30+ checks already included. It's built so that new checks can be easily created to perform custom audits specific to your organizational policies, or to perform more general-purpose security assessments.
Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing. Webshag can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication (Basic and Digest). In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between request more complicated (e.g. use a different random per request HTTP proxy server). It also provides innovative functionalities like the capability of retrieving the list of domain names hosted on a target machine and file fuzzing using dynamically generated filenames (in addition to common list-based fuzzing).
Webshag URL scanner and file fuzzer are aimed at reducing the number of false positives and thus producing cleaner result sets. For this purpose, webshag implements a web page fingerprinting mechanism resistant to content changes. This fingerprinting mechanism is then used in a false positive removal algorithm specially aimed at dealing with "soft 404" server responses. Webshag provides a full featured and intuitive graphical user interface as well as a text-based command line interface and is available for Linux and Windows platforms, under GPL license.
Seccubus effectively reduces the analysis time for subsequent scans of the same infrastructure by only reporting delta findings. Anyone who has ever used Nessus or OpenVAS will be familiar with one of their biggest drawbacks. They a very valuable tools, but unfortunately it is also very noisy. The time needed to report on the findings of a scan will often be two or three times the time needed to do the actual scan. Seccubus was created in order to more effectively analyze the results of regular vulnerability scans of the same infrastructure. Seccubus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI when findings can be easily marked as either real findings or non-issues. Non issues get ignored until they change. This causes a dramatically reduction a analysis time. *Seccubus the new name for AutoNessus*
Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others. The Websecurify initiative is proudly sponsored by GNUCITIZEN, a leading body in the spheres of offensive and defensive information security research and technology.
Sambascan2 allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. The difference between sambascan2 and other SMB viewers and scanners is that it will scan everything using TCP/IP, and it will not send a lot of broadcast messages, so it can be used over LAN boundaries. It only uses Samba to scan the shares and their contents. It can also scan known hosts and search indexed files. Sambascan2 is a small bash-script, which can scan for SMB-shares in a given Netz. It currently needs nmap, find, smbclient, sed and grep. It was only written to scan in public shares and not in private ones (this may change with the time).
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It can be run without prior installation, so inclusion on read only storage is no problem (USB stick, cd/dvd). Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP. The Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community ideas. Community participation is a great strength for SCAP, because the security automation community ensures the broadest possible range of use cases is reflected in SCAP functionality. This Web site is provided to support continued community involvement. From this site, you will find information about both existing SCAP specifications and emerging specifications relevant to NIST's security automation agenda. You are invited to participate, whether monitoring community dialog or leading more substantive activities like specification authorship.
PenTBox is a Security Suite that packs a lot of security and stability testing oriented programs for networks and systems. For example, the Suite has Honeypot, TCP Flood Denial of Service testing tools, Secure Instant Messaging, Port Scanner, Fuzzer, Secure passwords generator and more. All programs are being developed by PenTBox Team and the contributors of the Free Software community to the project. Programmed in Ruby, and oriented to GNU/Linux systems (but compatible with Windows, MacOS and more). It is free, licensed under GNU/GPLv3. If you want to report errors, give feedback and new code or ideas, contact we.
The OVAL Interpreter is a freely available reference implementation created to show how information can be collected from a computer for testing, to evaluate and carry out the OVAL Definitions for that platform, and to report the results of the tests. Developed by MITRE to demonstrate the usability of OVAL Definitions and to ensure correct syntax and adherence to the OVAL Schemas by definition writers, it is not a fully functional scanning tool and has a simplistic user interface but running the Interpreter will provide a list of OVAL-IDs and their references (e.g., CVE Identifiers) determined by OVAL to be present on the system.
Fierce domain scan was born out of personal frustration after performing a web application security audit. It is traditionally very difficult to discover large swaths of a corporate network that is non-contiguous. It's terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can miss huge chunks of networks.First what Fierce is not. Fierce is not an IP scanner, it is not a DDoS tool, it is not designed to scan the whole internet or perform any un-targeted attacks. It is meant specifically to locate likely targets both inside and outside a corporate network.
Only those targets are listed (unless the -nopattern switch is used). No exploitation is performed (unless you do something intentionally malicious with the -connect switch). Fierce is a reconnaissance tool. Fierce is a Perl script that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics.
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are avalable for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), and a utility for comparing scan results (Ndiff).
The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks. Nessus is a complete network vulnerability scanner which includes high-speed checks for thousands of the most commonly updated vulnerabilities, a wide variety of scanning options, an easy-to-use interface, and effective reporting. *Close source after 3.0*
Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license. The project is an attempt at a User-land Distributed TCP/IP stack. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network.
Unicornscan can be used as a scalable port scanner. It uses CPU specific instructions to track the packets per second you specify as closely as possible. From a single Pentium system, it is typical to be able to generate up to 25,000 PPS or more (depending on hardware capabilities). The PPS limit will scale with your architecture accordingly. This single system PPS limit can be scaled however as we support clusters of scanners working together.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). This is not designed as an overly stealthy tool. It will test a web server in the shortest timespan possible, and it's fairly obvious in log files. However, there is support for LibWhisker's anti-IDS methods in case you want to give it a try (or test your IDS system).
Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for items that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.