Доброго времени, хотел бы узнать у вас по вашему мнению. Какие существуют сканеры уязвимостей,
и какие из них самые лучшие и какие используете вы
и какие из них самые лучшие и какие используете вы
-
XSS.stack #1 – первый литературный журнал от юзеров форума
Сканеры уязвимостей
- Автор темы flex
- Дата начала
Nessus, OpenVAS or Invicti
You can use Nessus essential which is free but it has a limit to scan 16 IP address per scanner but paid version (Professional and Expert) offer Unlimited Vul. scan and security audits. Or choose Invicti (never tried) or use OpenVAS which is Opensource (ofcouse without a price tag). All depends on personnel choice, requirement and budget.
You can use Nessus essential which is free but it has a limit to scan 16 IP address per scanner but paid version (Professional and Expert) offer Unlimited Vul. scan and security audits. Or choose Invicti (never tried) or use OpenVAS which is Opensource (ofcouse without a price tag). All depends on personnel choice, requirement and budget.
Неделю назад обсуждалось: https://xss.pro/threads/106523/
don't use any of this as " Scanner " this is very bad practice , you should use it only as information gathering tools and i suggest to work only with 2 things ( Nmap , Burp ) both are very powerful when it come to breaking into websites and cloud's
so what to do ? scan manually test the top 10 owasp vulnerability's on the application you test using Nmap and Burp and analyze requests and manipulate it , that's how you can find vulnerability's fast
I usually use nmap, nessus, nikto and ext. Years ago I used acunetix too, but think that now is not "free" 
OWASP Zap