Top 5 Vulnerability Scanning Tools

29/12/2020
The process of recognizing, categorizing and mitigating the vulnerabilities present in a network or application is called vulnerability scanning or vulnerability assessment. A vulnerability is a threat that can result in system compromise or data loss. Vulnerability scanning tools automate this process. They maintain a database of known vulnerabilities and use it to check a system or application for potential exploits. They are used by companies with large corporate networks and web applications, which normally can't be tested manually.

There are a lot of open source and proprietary vulnerability scanners on the market; here we'll discuss some of the popular and capable ones.

Nessus

Nessus is the most famous and effective cross-platform vulnerability scanner. It has a graphical user interface and is compatible with almost every operating system, including Windows, macOS and Unix-like operating systems. It was initially a freeware, open source product, but in 2005 it was closed-sourced and removed from open source projects. Its professional version now costs around $2,190 per year according to their website, which is still much cheaper than its competitors' products. A limited freeware 'Nessus Home' version is also available, but it doesn't have all of the features and can be used only for home networks.

It has continuous commercial and community support and is updated regularly. It can automatically scan remote and local servers and web applications for vulnerabilities. It has its own scripting language, which can be used to write plugins and extensions. The freeware version can be downloaded from https://www.tenable.com/downloads/nessus

We'll try Nessus on Ubuntu. For that, download the .deb package from the website, then type this in your terminal:

ubuntu@ubuntu:~$ cd Downloads/
ubuntu@ubuntu:~/Downloads$ sudo dpkg -i Nessus-8.1.2-debian6_amd64.deb

Then type

ubuntu@ubuntu:~$ sudo /etc/init.d/nessusd start

This starts the Nessus service on port 8834. Now go to https://127.0.0.1:8834/ to access the Nessus web UI.

The browser will warn you about an insecure connection because Nessus uses a self-signed certificate by default; click on “Advanced” and confirm the security exception. Now create a user and sign up for Nessus to generate a key for the trial.

Nmap

Nmap is the most flexible and comprehensive open source tool for network discovery and security scanning. It can do everything from port scanning to operating system fingerprinting and vulnerability scanning. Nmap has both CLI and GUI interfaces; the graphical user interface is called Zenmap. It has its own scripting engine and comes with pre-written .nse scripts used for vulnerability scanning. It has many options for quick and effective scans. Here's how to install Nmap on Linux.

ubuntu@ubuntu:~$ sudo apt-get update
ubuntu@ubuntu:~$ sudo apt-get upgrade -y
ubuntu@ubuntu:~$ sudo apt-get install nmap -y

Now we'll use Nmap to scan a server (hackme.org) for open ports and to list the services available on those ports. It's really easy: just type nmap and the server address.

$ nmap hackme.org

To scan for UDP ports, include the -sU option and run Nmap with sudo, because a UDP scan requires root privileges.

$ sudo nmap -sU hackme.org

Nmap has its own scripting engine, NSE, in which you can write your own vulnerability scanning scripts. Nmap also ships with a lot of vulnerability scanning scripts, which are selected with the “--script” option.

There are a lot of other options available in Nmap such as:
-p- : Scan all 65535 ports
-sT : TCP connect scan
-O : Detect the operating system the host is running
-v : Verbose scan
-A : Aggressive scan, scans for everything
-T[1-5] : Set the scanning speed
-Pn : In case the server blocks ping
-sC : Scan using all default scripts

Nikto

Nikto is a simple, free and open source scanner that can check for more than 6400 potential threats and files. It also checks the web server's version for version-related problems, and scans the web server's configuration, such as allowed HTTP methods and default directories and files. It supports plugins, proxies, different output formats and multiple scan options.

To install Nikto on Debian Linux, type

ubuntu@ubuntu:~$ sudo apt-get update && sudo apt-get upgrade
ubuntu@ubuntu:~$ sudo apt -y install nikto

Usage Example:

ubuntu@ubuntu:~$ nikto -h http://canyouhack.us

OPENVAS

OpenVAS is a fork, hosted on GitHub, of the last free version of Nessus, made after Nessus was closed-sourced in 2005. For its plugins, it still uses the same NASL language as Nessus. It's a free, open source and powerful network vulnerability scanner.

To install OpenVAS on Ubuntu or any Debian-based Linux distro, you'll need the Kali Linux repositories. Execute this in your terminal:

ubuntu@ubuntu:~$ sudo apt-key adv --keyserver pgp.mit.edu --recv-keys ED444FF07D8D0BF6
ubuntu@ubuntu:~$ printf '# Kali linux repositories\ndeb http://http.kali.org/kali kali-rolling main contrib non-free\n' | sudo tee -a /etc/apt/sources.list
ubuntu@ubuntu:~$ sudo apt-get update

[NOTE] Don’t run apt upgrade with Kali repositories

ubuntu@ubuntu:~$ sudo apt install openvas -y

Now auto-configure it using the following command. It will configure the OpenVAS service and generate a user and its password.

ubuntu@ubuntu:~$ sudo openvas-setup

Go to the web GUI link and log in with the username and password. To run a scan on your network, go to Scans > Tasks and click on the Wizard button.

Nexpose

Nexpose is an amazing vulnerability scanner, analyzer and management software that uses the power of the Metasploit Framework to scan and exploit vulnerabilities. It is offered as a standalone product that can be a VM, a container or a piece of software, and it has a web-based graphical user interface. It offers an all-in-one package for all needs of vulnerability scanning, exploitation and mitigation.

You can download a trial version of Nexpose at https://www.rapid7.com/products/nexpose/

Conclusion

Vulnerability scanning is necessary for both home and corporate networks to deal with vulnerability threats. There is a wide range of scanners available on the market, and which one you choose depends on your usage. If you want to scan your home network, OpenVAS might be the best choice, but if you want to scan and manage a large corporate network, you should look at commercial vulnerability scanners.
