Highest Voted 'vulnerability-scanners' Questions

2

votes

1 answer

How fix warnings from Debsecan

I'm new in linux admin and security approach, and need some tips about warnings from Debsecan scanner tool. I have some warnings returned by simple check, like this below: CVE-2017-1000158 python2.7-minimal (remotely exploitable, high…

audit vulnerability-scanners debian

asked Dec 06 '17 at 02:37

MagicHat

121
6

2

votes

2 answers

What features should I look in vulnerability testing services?

Given the bad press in data breaches, my company is looking at pen testing options. We went through pen test guide but what else can you suggest so we don't get hacked?

web-application penetration-test vulnerability-scanners

asked Aug 04 '17 at 10:29

Ishan Mathur

2,603
2
10
9

2

votes

2 answers

Appending multiple Google dorks in a single query

My goal is to look up multiple vulns in a single google search for a particular site. (Because google makes me pay for more than 100 search api calls per day). Let's say I have 3 dorks: index of /htdocs and "Below is a rendering of the page up to…

web-application vulnerability-scanners google-dorks

asked Jul 26 '17 at 00:33

ramailo sathi

271
1
4
18

2

votes

1 answer

What OpenVAS tasks (scans) should I be running?

I have recently set up OpenVAS on my local office network. I have run a few tasks but I was curious on what tasks I should really be running and within what timeframes? clarification I'm currently going through Cyber Essentials and essentially just…

vulnerability-scanners network-scanners openvas

asked May 22 '17 at 09:48

OliverBS

445
5
14

2

votes

1 answer

Scanning for GXHLGSL.txt in server logs

I have found in my server access logs that someone is trying to access GXHLGSL.txt file. It looks like automated test (it was right after trying wp-login.php). When I googled that file I found it on several sites. It contains word TEST. What is a…

vulnerability-scanners

asked Apr 13 '17 at 08:10

user145678

21
2

2

votes

1 answer

Running a single NVT via OpenVAS?

OpenVAS has many NVTs, and running regular scans is very noisy. Is it possible to run a single NVT on a target (e.g., IP address and port)? If possible, how can I do it?

vulnerability vulnerability-scanners openvas

asked Apr 02 '17 at 07:39

Gari BN

485
1
6
14

2

votes

2 answers

Best guide/reference/roadmap for server penetration testing

I have been assigned to pen test some servers and have been provided the IPs of the same. In my past I have worked on application security testing projects and am aware of OWASP 10, SANS 25 etc. but from the server perspective I am still new. I have…

penetration-test webserver server vulnerability-scanners

asked Mar 16 '17 at 09:41

user1299086

29
1

2

votes

2 answers

Vulnerability scanner tools to use with Snort

We plan to add Snort with the firewall for our network to have improved security. The purpose, apart from protection from malicious traffic, is to customize Snort to detect and block specific traffic as per our needs. So basically i will be writing…

vulnerability-scanners snort

asked May 18 '12 at 06:20

pnp

1,818
2
26
42

2

votes

2 answers

How can a website block IPs behind a NAT?

Will a website be able to block my IP address alone somehow, while I am running a security tool behind my NAT? Or will it block my ISPs gateway IP?

ids vulnerability-scanners nat

asked Feb 03 '17 at 02:34

No_Name__

23
6

2

votes

5 answers

Can you hide your device from network scanner

My router password has changed many times, so I am wondering if someone changed it. I used Fing to scan some device and no suspicious device was detected. But I'm still not sure if someone didn't hack it.

network vulnerability-scanners

asked Jan 29 '17 at 12:36

pelochan

31
1
1
3

2

votes

2 answers

Do the Greenbone scan reports actually differ from a typical OpenVAS scan report?

My company is planning to use a Greenbone appliance in the near future and wants to analyze the results with another tool. I have access to OpenVAS with GSA so I am able to test the analysis now with existing scans. But I'm not sure if I can…

vulnerability-scanners openvas

asked Dec 08 '16 at 16:26

Tom K.

7,913
3
30
53

2

votes

1 answer

Bizarre series of web errors from vulnerability scanner OpenVAS - is this malicious?

A short series of errors just came in from Elmah. They are very peculiar, and I'm unsure as to what they represent and whether they might be malicious. It amounted to a series of 16 sequential calls to a non-existent web address. In each case the…

attacks attack-prevention vulnerability-scanners incident-analysis

asked Nov 09 '16 at 14:25

Bob Tway

549
1
4
12

2

votes

2 answers

Should an automated vulnerability test actually delete or modify data in production?

We hired an outside company to perform a vulnerability test on one of our sites. Within a few hours, we had problems. Entire tables wiped clean. Entire tables deleted. Hundreds of records in other tables gone. Some table data had been modified. This…

penetration-test vulnerability-scanners

asked Nov 04 '16 at 13:00

Learning Security

21
1

2

votes

5 answers

Scan the codebase for username passwords

What would be the best way to scan a codebase to ensure there are no production-level credentials included in the codebase? We have tried doing Static Scans via some major tools but I do still see some credentials that are still lingering around and…

passwords vulnerability-scanners credentials

asked Oct 14 '16 at 23:08

pal4life

177
1
8

2

votes

3 answers

Where does nikto tool store its default reports?

I ran the nikto security scan tool against one of our dev sites. perl nikto.pl -h mydevsitename The output mentioned 7646 requests: 14 error(s) and 3 item(s) reported on remote host None of the errors were printed on the screen, where can I find…

vulnerability vulnerability-scanners network-scanners

asked Oct 13 '16 at 19:11

pal4life

177
1
8

Questions tagged [vulnerability-scanners]