Vulnerability scanner
From Wikipedia, the free encyclopedia
A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses.
They can be run either as part of vulnerability management by those tasked with protecting systems - or by black hat attackers looking to gain unauthorized access.
Types[edit]
| Part of a server log, showing attempts by a scanner to find the administration page. |
|---|
220.128.235.XXX - - [26/Aug/2010:03:00:09 +0200] "GET /db/db/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:09 +0200] "GET /db/myadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:10 +0200] "GET /db/webadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:10 +0200] "GET /db/dbweb/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:11 +0200] "GET /db/websql/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:11 +0200] "GET /db/webdb/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:13 +0200] "GET /db/dbadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:13 +0200] "GET /db/db-admin/main.php HTTP/1.0" 404 - "-" "-"
(..)
|
- Port scanner (e.g. Nmap)
- Network vulnerability scanner (e.g. Nessus, SAINT, OpenVAS)
- Web application security scanner (e.g. Nikto, w3af)
- Database security scanner
- Host based vulnerability scanner (Lynis)
- ERP security scanner
- Single vulnerability tests
External links[edit]
- Vulnerability Scanning Tools, list at OWASP
 |
This computer networking article is a stub. You can help Wikipedia by expanding it. |
