Difference between revisions of "Vulnerability Scanning"
Jump to navigation
Jump to search
(→Tools) |
|||
Line 21: | Line 21: | ||
*[[Burp Suite]] | *[[Burp Suite]] | ||
+ | |||
+ | |||
+ | ==See also== | ||
+ | |||
+ | *{{Linux}} | ||
+ | *{{Security}} |
Revision as of 08:39, 5 April 2020
The vulnerability scanner uses a database to compare details about the target attack surface. The database references known flaws, coding bugs, packet construction anomalies, default configurations, and potential paths to sensitive data that can be exploited by attackers.
Types of vulnerability scanners
- Port Scanner: Probes a server or host for open ports
- Network Enumerator: A computer program used to retrieve information about users and groups on networked computers
- Network Vulnerability Scanner: A system that proactively scans for network vulnerabilities
- Web Application Security Scanner: A program that communicates with a Web application to find potential vulnerabilities within the application or its architecture
- Computer Worm: A type of self-replicated computer malware, which can be used to find out vulnerabilities
Tools
- Nessus - is one of the most famous but is not free.
See also
- Linux, Linux Foundation, Linux Kernel, man, BusyBox,
coreutils
, ELF, taskset, shell, Linux distributions, X, Virtual console,whoami
,.cer
,-T
,install
, Link Time Optimization (LTO),--silent
, NixOS,util-linux
,execve
, LinuxKit, AlmaLinux, Rocky Linux - Security: Security portfolio, Security standards, Hardening, CVE, CWE, Wireless Network Hacking, vulnerability scanner, Security risk assessment, SCA, Application Security Testing, OWASP, Data leak, NIST, SANS, MITRE, Security policy, Access Control attacks, password policy, password cracking, Password manager, MFA, OTP, UTF, Firewall, DoS, Software bugs, MITM, Certified Ethical Hacker (CEH) Contents, Security+ Malware, FIPS, DLP, Network Access Control (NAC), VAPT, SIEM, EDR, SOC, pentest, PTaaS, Clickjacking, MobSF, Janus vulnerability, Back Orifice, Backdoor, CSO, CSPM, PoLP, forensic, encryption, Keylogger, Pwn2Own, CISO, Prototype pollution
Advertising: