
Blog Post

Nov 14

Vulnerability Assessment Tools

Whether you prefer Windows or Linux, there are steps you can take to improve your system's security and your network topology. Step 1 is always information gathering, and that applies to your own host as much as to any target. Whether you are a pen tester or just worried about people sniffing around your PC, these tools help.


The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. ~ Platform Linux


The Microsoft Baseline Security Analyzer provides a streamlined method to identify missing security updates and common security configuration errors. ~ Platform Windows


With over 10,000 deployments since 1998, BeyondTrust Retina Network Security Scanner is the most sophisticated vulnerability assessment solution on the market. It is available as a standalone application or as part of the Retina CS unified vulnerability management platform.


Nexpose, the vulnerability management software, proactively scans your environment for misconfigurations, vulnerabilities, and malware and provides guidance for mitigating risks. Experience the power of Nexpose vulnerability management solutions by knowing the security risk of your entire IT environment including networks, operating systems, web applications, databases, and virtualization.


SAINT is a commercial vulnerability assessment tool. Like Nessus, it used to be free and open source but is now a commercial product. Unlike Nexpose and QualysGuard, SAINT runs on Linux and Mac OS X.


The very first step in vulnerability assessment is to have a clear picture of what is happening on the network. Wireshark (previously named Ethereal) puts the interface into promiscuous mode to capture all traffic on the local broadcast domain. Custom filters can be set to capture only specific traffic; for example, the communication between two IP addresses, or the UDP-based DNS queries on the network. Captured traffic can be written to a capture file and reviewed later, and additional display filters can be applied during that review.


This scanner is capable of crafting packets and performing scans at a granular TCP level, such as SYN scans and ACK scans.

There are of course many others, as even tools such as Metasploit and Aircrack may technically fall into this category. We are only including here the ones that can quickly assess the host system and the nearby network.
