Difference between revisions of "Vulnerability Scanning"
Jump to navigation
Jump to search
(→Tools) |
(→Tools) |
||
(4 intermediate revisions by the same user not shown) | |||
Line 14: | Line 14: | ||
* [[nmap]] | * [[nmap]] | ||
* [[ZMap]] | * [[ZMap]] | ||
+ | * [[Masscan]] | ||
* [[OpenVAS]] | * [[OpenVAS]] | ||
* [[Qualys]] | * [[Qualys]] | ||
Line 19: | Line 20: | ||
* [[OpenSCAP]] | * [[OpenSCAP]] | ||
* [[GitHub code scanning]] | * [[GitHub code scanning]] | ||
+ | * [[GitLab Auto DevOps feature]] | ||
== [[DevSecOps]] == | == [[DevSecOps]] == | ||
− | * [[JFrog Artifactory]] | + | * [[JFrog Artifactory vulnerability scanning]] |
== Services == | == Services == | ||
Line 28: | Line 30: | ||
* [[Cobalt.io]] [[PTaaS]] | * [[Cobalt.io]] [[PTaaS]] | ||
* [[GitHub security]] | * [[GitHub security]] | ||
+ | * [[VAPT]] | ||
− | ==See also== | + | == See also == |
+ | * {{nmap}} | ||
* {{Security tools}} | * {{Security tools}} | ||
* {{pentest}} | * {{pentest}} |
Latest revision as of 10:15, 8 November 2024
The vulnerability scanner uses a database to compare details about the target attack surface. The database references known flaws, coding bugs, packet construction anomalies, default configurations, and potential paths to sensitive data that can be exploited by attackers.
Types of vulnerability scanners[edit]
- Port Scanner: Probes a server or host for open ports
- Network Enumerator: A computer program used to retrieve information about users and groups on networked computers
- Network Vulnerability Scanner: A system that proactively scans for network vulnerabilities
- Web Application Security Scanner: A program that communicates with a Web application to find potential vulnerabilities within the application or its architecture
- Computer Worm: A type of self-replicated computer malware, which can be used to find out vulnerabilities
Tools[edit]
- Nessus - is one of the most famous but is not free.
- Wireshark
- nmap
- ZMap
- Masscan
- OpenVAS
- Qualys
- Burp Suite
- OpenSCAP
- GitHub code scanning
- GitLab Auto DevOps feature
DevSecOps[edit]
Services[edit]
- Detectify web service: https://detectify.com/
- Tenable.io service: https://www.tenable.com/products/tenable-io
- Cobalt.io PTaaS
- GitHub security
- VAPT
See also[edit]
- Security tools: Vulnerability scanner, port scan, Host sweep,
nmap
,nping
,ncat, nc
,psad
, Gordon Lyon - Security tools: Password cracking, Vulnerability Scanning, Chainguard
- Pentest, PTaaS, Cloud security, Vulnerability Scanning, MobSF, Cobalt.io, Panorays, Red team, Haveibeenpwned.com
- Certifications: Certified Ethical Hacker (CEH), Certified Ethical Hacker (CEH) Exam
- Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
Advertising: