Solved

Vulnerability scanning tools!

Posted on 2016-07-30
5
102 Views
Last Modified: 2016-08-09
Hi All,

We look for tools to scan vulnerabilities on our system, tools can free or license, please give us your advice.

Thanks so much,

HNN.
0
Comment
Question by:ldvhai
5 Comments
 
LVL 87

Expert Comment

by:rindi
ID: 41735693
Not sure what OS or system you want to scan. But Kali is a live distro that is very good for scanning your network and for auditing:

https://www.kali.org/

As for scanning a Windows PC for malware, MBAM is the best tool:

https://www.malwarebytes.com/
0
 
LVL 2

Author Comment

by:ldvhai
ID: 41735709
Thanks so much Rindi
0
 
LVL 61

Assisted Solution

by:btan
btan earned 200 total points
ID: 41735749
Come to penetration test will be much more desired to level up just vulnerability scan. There is no one silverbullet tool that does the scan holistically. You will likely need a couple tools for the scan effort. This may be of interest whereby the suggested tools are listed for achieving specific scan objective (you can also find " Vulnerability Assessment" and "Vulnerability Analysis" section for the two links respectively)
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines#Vulnerability_Analysis
Some tools to consider
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. OpenVAS is a fork of Nessus that allows free development of a non-proprietary tool.
http://www.openvas.org/download.html
The Nexpose Community edition includes:
Scans 32 IPs
Scans networks, OS and DBs
Deployment option: software
https://www.rapid7.com/products/nexpose/compare-downloads.jsp
w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.
http://w3af.org/download
Personal Software Inspector is a security scanner which identifies programs that are insecure and need updates. It automates the updating of the majority of these programs, making it a lot easier to maintain a secure PC. It automatically detects insecure programs, downloads the required patches, and installs them accordingly without further user interaction.
http://www.flexerasoftware.com/enterprise/products/software-vulnerability-management/personal-software-inspector/

for licensed one, see
Passive Vulnerability Scanner (PVS), PVS v5.0 enables you to increase visibility of devices, services, applications, and vulnerabilities active on a network.
https://www.tenable.com/products/passive-vulnerability-scanner/download, or collectively from Nessus offering
he free Nessus Home for your private non-commercial use, download an evaluation of Nessus Professional, the most widely deployed vulnerability scanning solution in the world, or request an evaluation of Nessus Manager or Nessus Cloud, our vulnerability management solutions for enterprise security teams.
https://www.tenable.com/products/nessus/select-your-operating-system
or Acunetix collection
Acunetix has integrated the popular OpenVAS scanner within Acunetix Online Vulnerability Scanner to provide a comprehensive perimeter network security scan that integrates seamlessly with your web application security testing, all from an easy to use simple cloud-based service.
http://www.acunetix.com/vulnerability-scanner/network-security-scanner/
0
 
LVL 25

Accepted Solution

by:
madunix earned 300 total points
ID: 41735964
Some BASIC; Vulnerability absence of safeguard;  Vulnerability assessments identify weaknesses; Penetration testing exploits weaknesses.
Rapid7, is the best tool for performing a vulnerability assessment. It will scan  data bases, web servers, platforms, network devices, operating systems, and applications etc..
https://www.rapid7.com/
http://sectools.org/
http://iase.disa.mil/Pages/index.aspx
https://www.experts-exchange.com/questions/24973651/Vulnerability-Penetration-testing.html
https://www.experts-exchange.com/questions/28509131/critical-web-application-security-controls.html
0
 
LVL 47

Expert Comment

by:dbrunton
ID: 41736872
For local computers rindi has recommended MBAM https://www.malwarebytes.com/mwb-download/

I'll add to that:

AdwCleaner  http://www.bleepingcomputer.com/download/adwcleaner/

Combofix  http://www.bleepingcomputer.com/download/combofix/

Between those three you've got a good range for cleaning an infected computer.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now