Highest Voted 'vulnerability-scanners' Questions

1

vote

1 answer

Credentials for scanning a database server's vulnerabilities

what is the required credentials for scanning a database server's vulnerabilities by using vulnerability assessment tools such as Rapid 7 Nexpose?

vulnerability-scanners

asked May 29 '15 at 03:48

IanCool

101
1
4

1

vote

1 answer

Running webserver with SSL enabled but not used

We have a web server hosted by a third party running on port 80. They have also enabled SSL but we did not use it. We are just using port 80. Right now, when I do a vulnerability scan, some SSL vulnerabilities are detected and I am concerned that if…

asked Apr 22 '15 at 09:46

Pang Ser Lark

1,929
2
16
26

1

vote

1 answer

Multiple vulnerabilities scanners at the same target

Is it safe/possible to run multiple vulnerabilities scanners on the same target simultaneously?

vulnerability-scanners

asked Mar 20 '15 at 21:26

metavaronos

145
2
9

1

vote

3 answers

How to validate report given by a white hat hacker

I give a contract to find vulnerabilities in my site to a white hat hacker. According to him he performed several attacks on my site for 15 days and find that there is no any security threats. I am not sure he actually did this or not. How can I…

php sql-injection vulnerability-scanners vulnerability

asked Jan 24 '15 at 10:38

Mohit Gupta

13
2

1

vote

1 answer

What tools are available for iOS vulnerability assessment and penetration testing

I want to start learning about VA on Apple iOS devices. Besides documentation, is there any good tool - in terms of automated vulnerability scanners, or scripts - to start?

vulnerability-scanners ios

asked Dec 12 '14 at 08:33

gbiondo

33
2
7

1

vote

2 answers

IDS across separate AWS accounts

I have two separate AWS accounts and I would like to a Vuln scanner/IDS on one to scan another. One environment is a regular AWS account and the other is in AWS Gov Cloud. Due to limitations within Gov Cloud I was only able to install my IDS on the…

ids vulnerability-scanners cloud-computing amazon

asked Oct 31 '14 at 15:18

에이바

58
6

1

vote

2 answers

Web Application Vulnerability Scan- False Positives-Recognizing and Eliminating

Web Application Vulnerability and Potential False Positives As a Penetration Tester the application vulnerability scan is a major part of any penetration testing methodology. In the Application Scanning stage there are are several different types of…

web-application vulnerability-scanners

asked Oct 15 '14 at 19:05

Sh1nu11bi

89
6

1

vote

2 answers

Penetration testing preventive or detective control?

I have always wondered if penetration testing is a preventive or detective control. My view is that it is both preventive (preventive as it scans for vulnerabilities, which can be fixed to prevent cyberattacks) and detective (detects any…

penetration-test vulnerability-scanners

asked Aug 18 '14 at 10:12

synthesis

155
1
1
15

1

vote

1 answer

What happened to S.A.T.A.N. (a.k.a. S.A.N.T.A.)

Years ago computer security analysts Dan Farmer and Wietse Venema wrote the security program S.A.T.A.N. Does anyone know what happened to it (or if it just went out of style) and what people replaced it with, if anything?

vulnerability-scanners historical

asked Jul 18 '14 at 17:51

Jeff Clayton

932
7
16

1

vote

2 answers

Why is Un1c0rn exposing wget on heartbleed?

What's the point of spotlighting wget on heartbleed dumps? I'm specifically talking about this which is the first page of wget occurencies in heartbleed dumps. They put this page as a link on the top of the main page like if that is relevant in…

known-vulnerabilities vulnerability-scanners heartbleed

asked Jul 17 '14 at 14:24

user40242

25
6

1

vote

2 answers

Does the use of plugin-id make the nessus scan intrusive in some way?

I want to know when scanning using NESSUS, though it is said its non-intrusive by default But what I want to know is how the use / definition or the testing conditions mentioned in the plugin-id effect the outcome of the scan. Does these conditions…

vulnerability-scanners nessus

asked May 09 '14 at 14:25

Saladin

1,547
3
14
23

1

vote

3 answers

How to scan a website using Nessus with login credentials

I have scanned my website using Nessus. But I need to scan it as a logged in user since most of the URLs are accessible only if we are logged in. How can I set website login credentials in Nessus?

session-management vulnerability-scanners credentials web-scanners nessus

asked Apr 30 '14 at 07:33

Harikrishnan

452
1
5
18

1

vote

0 answers

Matching vulnerabilities with upstream versions

How am I supposed to match vulnerabilities with services fingerprint, with string like these? Is there a public database to match these versions with original versions? > 5.5.29-0ubuntu0.12.04.1 > 5.5.29-0ubuntu0.12.04.2 > 5.5.31-0+wheezy1 >…

vulnerability-scanners fingerprinting fingerprint

asked Mar 03 '14 at 00:40

asdf

229
1
3
6

1

vote

2 answers

How does one decide whether to block malicious scanning activities?

On a typical day in the internet, there would be numerous botnets commanding zombie computers to scan for servers with vulnerabilities. Every now and then, a new exploit would be discovered. Then, the zombie computers would be reprogrammed to look…

web-application vulnerability-scanners

asked Jan 21 '14 at 06:09

Question Overflow

5,220
6
27
48

1

vote

3 answers

What is best method for retest blind sql vulnerability

I tested web site application with commercial automated tool.There are some blind sql injection.I want to retest this results .Is there any good method for test blind sql injection with tool or anything else ?

penetration-test known-vulnerabilities sql-injection vulnerability-scanners automated-testing

asked Dec 11 '13 at 09:45

dgn

124
2
4
13

Questions tagged [vulnerability-scanners]