Automated Vulnerability Scanning
Automated Vulnerability Scanning is a critical component of active web application reconnaissance, allowing for the efficient identification of known vulnerabilities in web applications.
OWASP ZAP (Zed Attack Proxy): Automated vulnerability scanner for web applications.
Nessus: Widely used vulnerability scanner with web application scanning capabilities.
Acunetix: Automated tool to scan web applications for vulnerabilities.
Nikto (CLI-based): Web server scanner which performs tests against web servers for multiple items.
Qualys Web Application Scanning: Cloud service for automated web application scanning.
SQLmap (CLI-based): Automated tool for SQL injection discovery and exploitation.
WebInspect: Automated dynamic application security testing.
AppSpider: Scans web applications to identify vulnerabilities.
W3af: Web application attack and audit framework.
IBM Security AppScan: Suite of software products for security testing of web applications.
Detectify: Automated vulnerability scanner that mimics a hacker's techniques.
Netsparker: Automated web application security testing.
Veracode Static Analysis: Identifies and fixes vulnerabilities in web applications in all major languages.
Probely: Finds vulnerabilities and provides guidance on fixing them.
Invicti (formerly Netsparker): Scans web applications, websites, and web services to detect security flaws.
SiteLock: Provides website scanning and malware detection.
Syhunt: A suite of tools for dynamic and static analysis of web applications.
BeEF (Browser Exploitation Framework): Focuses on the web browser, aiming to assess the security posture of a target environment.
Grabber: Scans small web applications for common vulnerabilities.