A piece of software and or hardware designed to detect the presence of vulnerabilities in an IT system.
Questions tagged [vulnerability-scanners]
409 questions
31
votes
5 answers
Web server attack methodology: why bother with manual tests if vulnerability scanner does it all?
I'm reading a white hat hacking book from a famous certification.
They say the methodology for hacking a web server is:
information gathering (domain name, DNS, IP, etc.)
footprinting (ex: banner grabbing)
website mirroring
vulnerability…
botanga
- 447
- 5
- 5
25
votes
3 answers
Should I report a security vulnerability?
I scanned a site using a vulnerability scanner and it found a vulnerability with a CVV score of 10. Should I send the report to the company?
Polaris Alderson
- 291
- 3
- 3
10
votes
2 answers
How do vulnerability scanners detect when DEBUG is set to True on ASP.NET applications
I know how to check this setting in code, and I know where to look in the web.config, but I can't seem to find information on how a vulnerability scanner like Qualys would detect this.
I've considered the following, but I have no way of knowing if…
David Stratton
- 2,686
- 3
- 23
- 37
5
votes
1 answer
Reliability of Padding Oracle vulnerability testers
I recently ran my website through the Qualsys SSL Labs SSL Test. My website got a grade "F" with this message attached:
This server is vulnerable to the OpenSSL Padding Oracle vulnerability (CVE-2016-2107) and insecure. Grade set to F.
Being…
Alex
- 709
- 5
- 7
4
votes
1 answer
How can I find a CVE ID for "No Translation Available" entries in Foundstone or McAfee Vulnerability Manager?
On a recent scan using McAfee Foundstone Enterprise (newer versions are known as McAfee Vulnerability Manager), I ran into a "No Translation Available" error.
It's rather frustrating that these errors leave me without any specific description or…
Iszi
- 27,127
- 18
- 101
- 163
3
votes
2 answers
Is SNMPing available anymore?
I am researching SNMP and I read about a scanning tool from SANS called SNMPing. Is this tool still available?
I cannot find anywhere to download it. Sending an empty email to snmptool@sans.org just gets rejected.
sourcenouveau
- 133
- 1
- 6
3
votes
3 answers
Modeling & Simulation: Do vulnerability-scanner software simulators exist?
In my research, i am attempting to develop a simulator that mimics the output of a vulnerability scanner, given a set of parameters (e.g., Network IP ranges, number of machines to scan, typical machine configuration, etc).
do these types of…
scooter
- 31
- 1
3
votes
2 answers
Nikto scan says "Uncommon Header"
I have a problem with the Nikto Web Scanner.
I would like to scan a site but Nikto returned the response with a HTTP 403 status code:
After that I tried to change the USERAGENT in nikto.conf. Nikto is now able to return with HTTP 200 status code…
Traveller
- 103
- 1
- 2
- 8
2
votes
2 answers
Organizing scheduled vulnerability scans
I am wondering what others do in regards to setting up their enterprise scheduled vulnerability scan policies. For example do you prefer to create a single scan policy and scan all networks regardless of the hosts platforms (windows, linux, SQL…
m3ta
- 274
- 3
- 8
2
votes
1 answer
how to access to arachni scanner web interface?
I have downloaded Arachni package. It is said in the README file to run bin/arachni_web to access to web interface of this scanner.
I run it but no web page appears. I just see these lines:
>> Thin web server (v1.5.1 codename Straight Razor)
>>…
hd.
- 131
- 1
- 1
- 4
2
votes
2 answers
Why Nessus freezes at 0% and how to fix it?
Does anybody know why Nessus freezes at 0%?
I am not sure that I've done the right configuration, but it is becoming painful
How long approximately takes to scan one machine?
Alex
- 422
- 1
- 8
- 14
2
votes
2 answers
Old browser version connected to server
I am using securityscorecard.com to security test some web sites. One of the issues it has flagged is "Outdated web browser observed". Full description is as follows...
The web is constantly evolving, using different languages, protocols, and file…
vegedezozu
- 93
- 1
- 8
2
votes
1 answer
Scanning for GXHLGSL.txt in server logs
I have found in my server access logs that someone is trying to access GXHLGSL.txt file. It looks like automated test (it was right after trying wp-login.php).
When I googled that file I found it on several sites. It contains word TEST.
What is a…
user145678
- 21
- 2
2
votes
3 answers
Can attackers leverage a sites SSL to "hide" attacks from a IPS?
I am running an IDS on the outside of my firewall (I know not ideal) and an IDS on the inside of my LAN running the same detection algorithms and definitions. My website auto redirects all HTTP requests to HTTPS. My IDS frequently detects nmap…
CptnKeith
- 23
- 5
2
votes
1 answer
How to learn about issues provided by a vulnerability scan
I received a security scan from Fortify on a webapp (using SSL/HTTPS) written in Angular that I am working on and I have two questions (high risk issues) that I'm seeking help on.
Access Control: Unprotected File - GET…
JulieMarie
- 123
- 1
- 4