Vulnerability scanner
From Wikipedia, the free encyclopedia
A vulnerability scanner is a computer program designed to search for and map systems for weaknesses in an application, computer or network. Step 1, typically the scanner will first look for active IP addresses, open ports, OSes and any applications running. Step 2, It may at this point create a report or move to the next step. Step 3, try to determine the patch level of the OS or applications. In this process the scanner can cause an exploit of the vulnerability such as crash the OS or application. Step 4, the final phase the scanner may attempt to exploit the vulnerability. Scanners may either be malicious or friendly. Friendly scanners usually stop at step 2 and occasionally step 3 but never go to step 4.
Types of vulnerability scanners:
- port scanner
- network scanner
- web application scanner
- computer worm
Friendly types of vulnerability scanners:
- cgi scanner (usually restricted to banner checking; cgi scanners can find vulnerable scripts but usually don't exploit them)
[edit] Programs
Port scanners (Nmap)
Network scanners (Nessus, SAINT)
Web application scanners (Wapiti, Sandcat, Acunetix)
CGI scanners (Arirang; Nikto; Whisker)