Which free security auditing / vulnerability assessment tools do you use?
I am trying to do a quick audit of our security landscape (such as, not limited to, which versions of SQL / OS are running, patching levels, misconfigurations. attack surface etc) and thought I would ask what other people are using. So I am currently only looking at free tools (Using Powershell / WMI etc) that are easy to use and can quickly give us an overview of the security health of our domain (Windows / Linux / Mac) - we will look at paid products separately down the line.
I welcome suggestions of tools you have used top criteria would be:-
1. Can quickly audit a whole environment preferably without needing agents preinstalled
2. Free (or very cheap)
3. Provide up to date information
Thanks!
Jon
I welcome suggestions of tools you have used top criteria would be:-
1. Can quickly audit a whole environment preferably without needing agents preinstalled
2. Free (or very cheap)
3. Provide up to date information
Thanks!
Jon
ASKER
Thanks, but looking for things that are quick and setting up WSUS is a little more in-depth than I was hoping for!
Also I had looked at OpenVAS, but I believe it is Linux only and again complicated to set-up.
Also I had looked at OpenVAS, but I believe it is Linux only and again complicated to set-up.
the tasks you are looking to accomplish are nothing easy. It is perfectly understandable that the tool set is not easy to "manipulate".
I am not aware of of a tool that will do it all for you. You probably need to hire experienced pen-testers that will do it for you. They are using a list of tools (often installed on Linux) to connect to your network and find vulnerabilities.
I am not aware of of a tool that will do it all for you. You probably need to hire experienced pen-testers that will do it for you. They are using a list of tools (often installed on Linux) to connect to your network and find vulnerabilities.
The problem lies more in the fact that you're not looking for paid products.
PDQ Deploy has a free version, but that's more in the patch management arena.
What is the size of the environment? That's one key factor. What tools are already in place?
PDQ Deploy has a free version, but that's more in the patch management arena.
What is the size of the environment? That's one key factor. What tools are already in place?
ASKER
< 50 servers
Environment is in Azure so have Azure Security Centre and Microsoft Secure Score etc but just looking at what can supplement those.
Also have Solarwinds but mainly for monitoring.
Maybe I am asking for an impossible thing but thought if I asked then people might list some favourite tools that I haven't come across!
Have been looking at the community version of Retina which is the sort of thing that I had in mind and thought there might be other tools / scripts etc out there that people were using for free. Will eventually go for a formal pentest I'm sure but initially keen to identify the low hanging fruit before that point.
Environment is in Azure so have Azure Security Centre and Microsoft Secure Score etc but just looking at what can supplement those.
Also have Solarwinds but mainly for monitoring.
Maybe I am asking for an impossible thing but thought if I asked then people might list some favourite tools that I haven't come across!
Have been looking at the community version of Retina which is the sort of thing that I had in mind and thought there might be other tools / scripts etc out there that people were using for free. Will eventually go for a formal pentest I'm sure but initially keen to identify the low hanging fruit before that point.
OpenVAS, and it does come in the form of a VM (https://www.hackingtutorials.org/scanning-tutorials/vulnerability-scanning-openvas-9-pt-1/)
Metasploit is another one, that one can be used from windows also: https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
You may need to disable virus scanners because they will hit on the payloads that metaslpoit has to be sent to other systems.
Metasploit is another one, that one can be used from windows also: https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
You may need to disable virus scanners because they will hit on the payloads that metaslpoit has to be sent to other systems.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone. I will give Nessus a try.
Is there an Active Directory domain? While you may not have SCCM, you could at least set up WSUS.