A piece of software and or hardware designed to detect the presence of vulnerabilities in an IT system.
Questions tagged [vulnerability-scanners]
395 questions
3
votes
1 answer
Suddenly scans for 'formvars.php'
Suddenly, starting from about yesterday-evening (gmt+2), I get lots of -what I suspect are- 'hits' from bots that are looking variations of this file:
/somerealpath/includes/formvars.php
I'm curious to know what this is, and why so suddenly these…
![](../../users/profiles/9352.webp)
Nanne
- 133
- 6
3
votes
3 answers
Besides OpenVas and Nessus, what are my other options for vulnerability detection?
I know of Nessus (which is $1300 for a pro feed) and OpenVAS (which I don't like).
I use Linux so do I have any other options for vulnerability detection?
![](../../users/profiles/8954.webp)
Joseph
- 151
- 1
- 5
3
votes
1 answer
Is that a tool dedicated to accessing rtsp streams over IP?
Like sqlmap for databases, is there a tool that can find vulnerabilities, try default passwords, etc. for the rtsp (VoIP) protocol?
![](../../users/profiles/68842.webp)
adrianTNT
- 140
- 6
3
votes
1 answer
SHA 1 no impact to root certificate
I ran a scan on a server and the results of the authentication for digital certificate was as follows :
Certificate 1 (root) signature algorithm: Sha256withRSA
Certificate 2 (chain of trust) signature algorithm: SHA256withRSA
Certificate 3 (chain…
![](../../users/profiles/107327.webp)
user107327
- 41
- 5
3
votes
1 answer
Is OpenVas an active or passive scanner?
I am using Ossim and I did a scan vulnerabilities with OpenVas. I received feedback that some of our softwares broke after the scan. We will check the logs to see if the scan cause this, but I was wondering:
is OpenVas an active scanner? What are…
![](../../users/profiles/106805.webp)
RandomSecGuy
- 95
- 1
- 8
3
votes
1 answer
Can fuzzing be considered a software testing technique for any vulnerability type
I'm doing a research on fuzzing and I would like to know the answer to the question in the title. The cvedetails uses the following categories for vulnerabilities:
Bypass a restriction or similar
Cross Site Scripting
Denial of service
…
![](../../users/profiles/7670.webp)
eleanor
- 528
- 2
- 5
- 11
3
votes
3 answers
Modeling & Simulation: Do vulnerability-scanner software simulators exist?
In my research, i am attempting to develop a simulator that mimics the output of a vulnerability scanner, given a set of parameters (e.g., Network IP ranges, number of machines to scan, typical machine configuration, etc).
do these types of…
![](../../users/profiles/7761.webp)
scooter
- 31
- 1
3
votes
4 answers
Simple tools for searching process memory for MSSQL connection strings
I'm working with a piece of software that handles all permissions in a Windows client binary on the user's computer. The software connects to a backend database using the sa account. The sa password is stored encrypted in a config file on the…
![](../../users/profiles/93257.webp)
jncraton
- 143
- 5
3
votes
1 answer
Should we keep our penetration testing environment separate from other test infrastructure?
Given that there are N number of hosts on a given network being used for different purpose, should we place a machine for penetration testing or vulnerability scanning on same LAN or should we have that machine/host on separate network and…
![](../../users/profiles/44591.webp)
Krishna Pandey
- 1,497
- 1
- 16
- 26
3
votes
1 answer
How to Verify Qualys QID 42366 - SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)
My company uses Qualys to scan for vulnerabilities in our apps. I received a report with four vulnerabilities (related to SSLv3 and ciphers), and I could google each one and land on page from Qualys that specifies a manual command I could run to…
![](../../users/profiles/89051.webp)
Matthew Moisen
- 251
- 1
- 3
- 9
3
votes
3 answers
How to exploit this SQL injection vulnerability?
I am learning SQL injection on a vulnerable web app. I scanned it with w3af. It showed many vulnerabilities. One of them is:
SQL injection in a Microsoft SQL database was found at: "http://www.example.com/Login.aspx?CurrentPage=Login", using HTTP…
![](../../users/profiles/849.webp)
narayan
- 383
- 1
- 4
- 11
3
votes
2 answers
Nikto scan says "Uncommon Header"
I have a problem with the Nikto Web Scanner.
I would like to scan a site but Nikto returned the response with a HTTP 403 status code:
After that I tried to change the USERAGENT in nikto.conf. Nikto is now able to return with HTTP 200 status code…
![](../../users/profiles/86227.webp)
Traveller
- 103
- 1
- 2
- 8
2
votes
2 answers
Scan Novell NetWare backend with Windows servers and clients
Could anyone provide some insight on performing an internal vulnerability assessment regarding Novell NetWare as the backend with client workstations and servers running various versions of Windows?
Essentially, I'm looking for tools or techniques…
![](../../users/profiles/4762.webp)
Pentest
- 143
- 1
- 1
- 6
2
votes
1 answer
Freelance web app tester law on breach after scan
If I was to do a web app test on a companies site and I didn't spot something and the company was breached via the app I tested what come back could I possibly have ?
How could I protect myself legally ?
![](../../users/profiles/10634.webp)
OliverBS
- 445
- 5
- 14
2
votes
3 answers
Creating a website to test my scanner that I scripted
Hi I looked around on Google and this site for about the last hour and I couldn't find anything that gave a direct answer to my question. I changed the code around in a scanner that I used in the past, I've used other web hosts in the past to create…
![](../../users/profiles/68033.webp)
salmaass
- 39
- 2