Vulnerability scanners

Tools

Bash Scanner (vulnerable package detection for Linux)

Bash Scanner is a security tool that does a quick scan to see if there are vulnerable packages. It uses an external service to validate.

» Bash Scanner review and details

BDA (vulnerability scan for Hadoop and Spark)

BDA is a security tool to test installations of Hadoop and Spark, often used to store big data sets. Configuration weaknesses and other issues can be detected.

» BDA review and details

CMSmap (reconnaissance tool for popular CMS frameworks)

CMSmap is a security tool to perform reconnaissance on a web target. It helps with the detection of several popular content management systems (CMS).

» CMSmap review and details

flunym0us (vulnerability scanner for WordPress and Moodle)

Flunym0us is a security scanner for WordPress and Moodle installations. The tool tests the security of the installation by performing enumeration attempts.

» Flunym0us review and details

JexBoss (JBoss verify and exploitation tool)

JexBoss is a security tool to verify and exploit vulnerabilities in JBoss applications. It can be used for security assignments and pentests.

» JexBoss review and details

Lynis (audit tool and security scanner)

Security auditing tool for systems running Linux, mac OS, or Unix, to perform an in-depth health check.

» Lynis review and details

Nmap (network and vulnerability scanner)

Nmap is a security scanner that can perform a port scan, network exploration, and determine vulnerabilities

» Nmap review and details

OpenVAS (vulnerability scanner)

OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.

» OpenVAS review and details

Tulpar (web vulnerability scanner)

Tulpar is a security tool to scan web targets for possible vulnerabilities. It checks a wide range of items and attack types for this particular purpose.

» Tulpar review and details

Vane (WordPress vulnerability scanner)

Vane is a forked project of the now non-free popular WordPress vulnerability scanner WPScan.

» Vane review and details

Wapiti (vulnerability scanner for web applications)

Wapiti is a security tool to perform vulnerability scans on web applications. It uses fuzzing to detect known and unknown paths, among other tests.

» Wapiti review and details

Whitewidow (SQL vulnerability scanner)

Whitewidow is a security tool to perform automated SQL vulnerability scans. It can be used during penetration tests or for security assessments.

» Whitewidow review and details