Questions tagged [vulnerability-scanners]

A piece of software and/or hardware designed to detect the presence of vulnerabilities in an IT system.

395 questions
2 votes, 1 answer

Identify crash-inducing NVT in OpenVAS

I'm currently scanning a network using OpenVAS / Greenbone Security Assistant installed on Kali Linux. During the scan, multiple targets have crashed. This is obviously something I want to investigate. As I'm running the "Full and fast" scan…
Niklas
2 votes, 1 answer

Container Vulnerability Management

Having difficulty understanding how to translate 'traditional' vulnerability management to a cloud environment. Previously accustomed to using tools like OpenVAS and Nessus, setting up scans which target static IPs and CIDR blocks. This approach…
2 votes, 2 answers

Qualys WAS raises "150004 Path-Based Vulnerability" on an image file

Customer is running Qualys Web Application Scan and the WAS Scan Report reported: 150004 Path-Based Vulnerability on URL: https://www.example.com/mywebapp/Content/datepicker/images/ui-icons_444444_256x240.png I have verified that Directory Browsing…
Jeff Mergler
2 votes, 2 answers

Old browser version connected to server

I am using securityscorecard.com to security test some web sites. One of the issues it has flagged is "Outdated web browser observed". Full description is as follows... The web is constantly evolving, using different languages, protocols, and file…
vegedezozu
2 votes, 0 answers

Shell scripts scanning tools

It has become a common trend to use shell scripts from the web and directly run them: bash <(curl -sL some.random.website.com) I always view the scripts before running them. However, shell scripts are always more cryptic than reading a regular program.…
shivams
2 votes, 1 answer

What is extension intolerance in the context of TLS?

SSL Labs checks for TLS version intolerance and TLS extension intolerance. I've seen another answer on this site that covers version intolerance, but what does extension intolerance mean, specifically, in this context? The most information I could…
Polynomial
2 votes, 0 answers

Where to run long automated scans?

I'm trying to run some automated scans without stopping for long periods of time (each scan can take anywhere from 8 hours to 3 days). I currently don't have a PC I can leave running for many days without shutting down, nor can I afford to rent some…
2 votes, 0 answers

Analyzing binary by ZZUF and PEACH fuzzers

I have installed two different fuzzers, ZZUF and PEACH. Unfortunately, due to my lack of knowledge, I could not test C++ binaries with both fuzzers. The process of testing binaries is not given in the PEACH and ZZUF tutorials. For example abc.c int main(void) { …
Ali
2 votes, 0 answers

How do scanners know which apache2 modules are installed?

My machines routinely get scanned by Qualys and other scanners that report my supported and patched version of php as wildly out of date (even though they're patched quarterly, I get flagged on ancient CVEs for php and apache). I'm rather sick of…
Peter Turner
2 votes, 0 answers

Burp Suite - Mark Issues as "Validated"

After performing an audit (formerly active and passive scan) of a web app with Burp Suite I manually verify and validate the issues it identifies to rule out false positives, see what is possible with the vulnerabilities identified, etc. One thing me…
2 votes, 2 answers

Server getting probed: why can I see successful GET requests to other sites?

I put up my site yesterday and this morning I saw a lot of requests in the logs. I have seen this before, and immediately could tell it was someone/something probing the server. Most of the requests are attempts to potential admin…
turnip
2 votes, 2 answers

How to discover known vulnerabilities (CVEs) in Go executables?

Tools that discover CVEs need to create a software bill of materials. In many cases it can be done simply by inspecting files on the target system, e.g. RPM or NPM index. Would it be possible to do composition analysis on Go executables in contrast to…
2 votes, 3 answers

nikto's results differ from other vulnerability scanners, is it more or less accurate?

I was doing some scanning on a web application; I used OWASP ZAP and Nessus. The risks that these two detected were medium to low, very few vulnerabilities. Then I tried nikto, and the results were huge. It detected potential risks with the…
2 votes, 4 answers

unix config scanner / compliance checks

I'm looking for a tool that scans unix operating systems for configuration issues. E.g. a script that finds PermitRootLogin yes in the ssh config file, or in other words: a script that automates compliance checks. Since there are quite a few…
user857990
2 votes, 1 answer

How is the create-react-app package tree properly sanitized?

React, and its application creation script, create-react-app, are popular packages nowadays... and with good reason: React is a rock-star framework. From a security perspective, sanitizing all the packages that create-react-app installs seems to be…
kmiklas