IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [vulnerability-scanners]

A piece of software and or hardware designed to detect the presence of vulnerabilities in an IT system.

395 questions
3
votes
1 answer

Suddenly scans for 'formvars.php'

Suddenly, starting from about yesterday-evening (gmt+2), I get lots of -what I suspect are- 'hits' from bots that are looking variations of this file: /somerealpath/includes/formvars.php I'm curious to know what this is, and why so suddenly these…
Nanne
  • 133
  • 6
3
votes
3 answers

Besides OpenVas and Nessus, what are my other options for vulnerability detection?

I know of Nessus (which is $1300 for a pro feed) and OpenVAS (which I don't like). I use Linux so do I have any other options for vulnerability detection?
Joseph
  • 151
  • 1
  • 5
3
votes
1 answer

Is that a tool dedicated to accessing rtsp streams over IP?

Like sqlmap for databases, is there a tool that can find vulnerabilities, try default passwords, etc. for the rtsp (VoIP) protocol?
adrianTNT
  • 140
  • 6
3
votes
1 answer

SHA 1 no impact to root certificate

I ran a scan on a server and the results of the authentication for digital certificate was as follows : Certificate 1 (root) signature algorithm: Sha256withRSA Certificate 2 (chain of trust) signature algorithm: SHA256withRSA Certificate 3 (chain…
user107327
  • 41
  • 5
3
votes
1 answer

Is OpenVas an active or passive scanner?

I am using Ossim and I did a scan vulnerabilities with OpenVas. I received feedback that some of our softwares broke after the scan. We will check the logs to see if the scan cause this, but I was wondering: is OpenVas an active scanner? What are…
RandomSecGuy
  • 95
  • 1
  • 8
3
votes
1 answer

Can fuzzing be considered a software testing technique for any vulnerability type

I'm doing a research on fuzzing and I would like to know the answer to the question in the title. The cvedetails uses the following categories for vulnerabilities: Bypass a restriction or similar Cross Site Scripting Denial of service …
eleanor
  • 528
  • 2
  • 5
  • 11
3
votes
3 answers

Modeling & Simulation: Do vulnerability-scanner software simulators exist?

In my research, i am attempting to develop a simulator that mimics the output of a vulnerability scanner, given a set of parameters (e.g., Network IP ranges, number of machines to scan, typical machine configuration, etc). do these types of…
scooter
  • 31
  • 1
3
votes
4 answers

Simple tools for searching process memory for MSSQL connection strings

I'm working with a piece of software that handles all permissions in a Windows client binary on the user's computer. The software connects to a backend database using the sa account. The sa password is stored encrypted in a config file on the…
jncraton
  • 143
  • 5
3
votes
1 answer

Should we keep our penetration testing environment separate from other test infrastructure?

Given that there are N number of hosts on a given network being used for different purpose, should we place a machine for penetration testing or vulnerability scanning on same LAN or should we have that machine/host on separate network and…
Krishna Pandey
  • 1,497
  • 1
  • 16
  • 26
3
votes
1 answer

How to Verify Qualys QID 42366 - SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)

My company uses Qualys to scan for vulnerabilities in our apps. I received a report with four vulnerabilities (related to SSLv3 and ciphers), and I could google each one and land on page from Qualys that specifies a manual command I could run to…
Matthew Moisen
  • 251
  • 1
  • 3
  • 9
3
votes
3 answers

How to exploit this SQL injection vulnerability?

I am learning SQL injection on a vulnerable web app. I scanned it with w3af. It showed many vulnerabilities. One of them is: SQL injection in a Microsoft SQL database was found at: "http://www.example.com/Login.aspx?CurrentPage=Login", using HTTP…
narayan
  • 383
  • 1
  • 4
  • 11
3
votes
2 answers

Nikto scan says "Uncommon Header"

I have a problem with the Nikto Web Scanner. I would like to scan a site but Nikto returned the response with a HTTP 403 status code: After that I tried to change the USERAGENT in nikto.conf. Nikto is now able to return with HTTP 200 status code…
Traveller
  • 103
  • 1
  • 2
  • 8
2
votes
2 answers

Scan Novell NetWare backend with Windows servers and clients

Could anyone provide some insight on performing an internal vulnerability assessment regarding Novell NetWare as the backend with client workstations and servers running various versions of Windows? Essentially, I'm looking for tools or techniques…
Pentest
  • 143
  • 1
  • 1
  • 6
2
votes
1 answer

Freelance web app tester law on breach after scan

If I was to do a web app test on a companies site and I didn't spot something and the company was breached via the app I tested what come back could I possibly have ? How could I protect myself legally ?
OliverBS
  • 445
  • 5
  • 14
2
votes
3 answers

Creating a website to test my scanner that I scripted

Hi I looked around on Google and this site for about the last hour and I couldn't find anything that gave a direct answer to my question. I changed the code around in a scanner that I used in the past, I've used other web hosts in the past to create…
salmaass
  • 39
  • 2
1 2 3
26 27