IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [vulnerability-scanners]

A piece of software and or hardware designed to detect the presence of vulnerabilities in an IT system.

395 questions
-1
votes
1 answer

Scanner / tool to generate a list with all forms and input fields of a website

I'm not very experienced with information security but know some basics about injection attacks and other web based attacks. Is there a tool / crawler to find all forms and input fields of a whole website? I know addons for firefox and chrome…
clinical
  • 111
  • 1
  • 4
-1
votes
1 answer

OpenSource considered harmfull?

What would you think about military strategist who is publishing full plans for all of important infrastructure? I think that person will be stupid. Can be this analogy case with OpenSource? Here is one possible scenario of attack on OpenSource…
user3123061
  • 121
  • 4
-1
votes
2 answers

How do you search for new vulnerabilities?

I've been asked this question, and I really don't know how would I do it. My answer was to take known vulnerabilities and try to exploit them on a different way, but this is not really a new vulnerability, rather a new attack based on a known…
The Illusive Man
  • 10,487
  • 16
  • 56
  • 88
-1
votes
1 answer

How to understand the client-server structure of Host-based Vulnerability Scanner?

We know that vulnerability scanners have three model types: Host-based, Network and Database. The Host-based vulnerability scanner uses a client-server structure, and the host will run an agent. How to understand the client-server structure? Is the…
aircraft
  • 136
  • 6
-1
votes
1 answer

scanning my site for JavaScript/XSS vulnerabilities

It have had a report that my site may have a security issue and there is some JavaScript loading 10 times per second. www.ayrshireminis.com Is there anyway that I can "scan" my site to check if there is any vulnerable JavaScript, or JavaScript that…
crmpicco
  • 107
  • 3
-1
votes
1 answer

Attack Surface Analyzer report possible actions

I am using Microsoft's Attack Surface Analyzer, and I would like to get a better understanding of what would be the best way to mitigate the findings. For example if in my report I get Directories Containing Objects With Weak ACLs, Description: The…
0siris
  • 91
  • 8
-1
votes
1 answer

Free Web vulnerability analyzer and crawler (Windows)

I like to know what are the Free Web Vulnerability scanning tools available for Windows.Tools like Netsparker are pretty good but super expensive. I know there are pretty good tools in Kali Linux. What are the good Free Web Vulnerability scanning…
user3496510
  • 1,257
  • 2
  • 12
  • 26
-1
votes
2 answers

What are the limitations of vulnerability scanners?

What are the limitations of vulnerability scanners? If it is related to how these scanners work, how these work?
user27515
  • 111
  • 1
  • 1
-1
votes
1 answer

Are there pricing standards for Vulnerability assessment and penetration testing (VAPT) services?

Generally, to conduct vulnerability assessment and penetration testing (VAPT) for an application, we do charge some amount from the client, based on which criteria the companies charge their customers. Suppose there are 1000 input fields and 20…
sairam.nalluri
  • 1
  • 2
-1
votes
2 answers

Check which ports are left open (vulnerable) and accessible in Windows OS from the Internet

Since open ports are a security risk, I would like to know which ports are open to the Internet (outside my network). I wouldn't think of all open ports as security vulnerabilities just the ones exposed to the Internet. Is there a tool to check…
toddlermenot
  • 29
  • 2
-2
votes
2 answers

Will cyber security be around forever?

As time goes on, won't computers be able to automatically test for vulnerabilities to the point where they will not be prevalent any more? What I'm essentially asking is will information security be a growing field forever or will it dwindle and…
user2514631
  • 107
  • 3
-2
votes
1 answer

What are the security measures to be taken before launching a site with credit card payments?

We just completed functionality testing of our new e-commerce site and going to launch.We are accepting credit card payments. I'm really concerned about it's security.What are the precautions to be taken? I'm not so good at web security. Please…
Harikrishnan
  • 452
  • 1
  • 5
  • 18
-2
votes
1 answer

Nexpose Vulnerability scanner

Is it normal to get 3000+ vulnerabilities while scanning server using Nexpose? Or I can reduce the vulnerability to decent count by some tweaks!
Guru
  • 21
  • 2
-2
votes
1 answer

Web application security vulnerability managment

Does anyone know of a way to manage Web application security vulnerabilities? Im looking for a tool that might integrate with selenium and or burp. I'm want to be able to run the tests over and over. In the application we need to be in a certain…
bdawg
  • 187
  • 12
-2
votes
1 answer

Web Application Security Scanner Identification

We got following URLs in our access logs. No referrer. Chrome user agent. Looks like some security scanner is/was at work. Is it possible to identify it? Many urls have references to…
Sameer Naik
  • 117
  • 2
1 2 3
26
27