hello everyone today i am gonna mention about vulnerability Discovery/Scanning mehtods and tools which one is the most populer or free and you will see how to do it simply. but before we start i need to say preliminary informations about my case. I assume we are normal users in the network or IT manager gave us access to pentest. This mean you can test in your home, school and business but be careful i highly recommend ask your institution before do it. It might be some problem. Anyway let’s start.

Types of Vulnerability Scanners
Vulnerability scanners have their ways of doing jobs. We can classify the vulnerability scanners into four types based on how they operate.

Cloud-Based Vulnerability Scanners
Used to find vulnerabilities within cloud-based systems such as web applications, WordPress, and Joomla.

Host-Based Vulnerability Scanners
Used to find vulnerabilities on a single host or system such as an individual computer or a network device like a switch or core-router.

Network-Based Vulnerability Scanners
Used to find vulnerabilities in an internal network by scanning for open ports. Services running on open ports determined whether vulnerabilities exist or not with the help of the tool.

Database-Based Vulnerability Scanners
Used to find vulnerabilities in database management systems. Databases are the backbone of any system storing sensitive information

NESSUS

Nessus is trusted by more than 30,000 organizations worldwide as one of the most widely deployed security technologies on the planet – and the gold standard for vulnerability assessment.

There is available free version with some restrictions as you guess :). you can download from this link you can choose one of them but i will show you on essantial version. But in order to download you must register because you are gonna get activation code. You can downloand according to your operating system. Unfortunately i will show you only on Kali linux.

If you are debian and linux users. you can follow these commands. Also if you don’t understand what does these commands mean. you can find my other article.

*cd Download , * write this commend and press tab dpkg -i. if your download folder is empty. automatically you are gonna get nessus one.

Next step is /etc/init.d/nessusd start

Right now you can copy this addres https://kali:8834 and you can put your browser. As i said above you are gonna get activation code and please check you mail address. Do not forget check spams.

after confirm activation code. You will wait approximately 10-15 minutes for initializing.

The next step you are put username and password. Both is admin admin like that.

Finally you are going to see main screen of nessus. I will tell you what you are gonna do respectively. As you notice there is button on the right ‘new scan ‘ please click that button and then you will see many options of scanning type. I chose advanced one.

I filled it for my situation. However as i said beginning of this article you can write 16 IP address.

Final step save and run that is it. you can see many results of your network as well as you can find many solution related some issues. I mean this application gives both problems and solutions.

OPENVAS

OpenVAS is a powerful vulnerability scanning tool that supports large-scale scans which are suitable for organizations. You can use this tool for finding vulnerabilities not only in the web application or web servers but also in databases, operating systems, networks, and virtual machines.
OpenVAS receives updates daily, which broadens the vulnerability detection coverage. It also helps in risk assessment and suggests countermeasures for the vulnerabilities detected.

NEXPOSE

Nexpose is an open-source tool that you can use for no cost. Security experts regularly use this tool for vulnerability scanning. All the new vulnerabilities are included in the Nexpose database thanks to the Github community. You can use this tool with the Metasploit Framework, and you can rely on it to provide a detailed scanning of your web application. Before generating the report, it will take various elements into account.

Vulnerabilities are categorized by the tool according to their risk level and ranked from low to high. It’s capable of scanning new devices, so your network remains secure. Nexpose is updated each week, so you know it will find the latest hazards.

As you guess there is no possible to show all vulnerability scanning tools but. i will write to down my favaroties ones

Netsparker,Nikto2,OpenVAS,W3AF,Nessus, Nexpose,Nmap,AirCrack, Acunetix

Until next time.