The open source Metasploit Framework is a command line only tool. Metasploit Community is a free non-open source version, which is easier to use thanks to a Web UI.
The open source application offers full support for VMware environments, including online and offline virtual image scanning, virtual application scanning, and integration with vCenter.
Plus, it checks for server configuration items such as the presence of multiple index files and HTTP server options, and it will attempt to identify installed Web servers and software. Scan items and plugins are frequently updated and can be updated automatically.
A fork of the Paros Proxy tool, ZAP provides automated scanners as well as a set of tools for finding security vulnerabilities manually. The open source tool is under active development, supported by organizations including OWASP, Microsoft and Google.
Clair analyzes each container layer once and does not execute the container to perform its examination. The open source scanning engine extracts all required data to detect known vulnerabilities and caches layer data for examination against vulnerabilities discovered in the future.
Moloch is not meant to replace IDS engines but instead to work alongside them to store and index all the network traffic in standard PCAP format, providing fast access. The open source analysis tool is built to be deployed across many systems and can scale to handle multiple gigabits/sec of traffic.
Vulnerability assessment tools are an essential part of enterprise security strategies, as scanning applications for known vulnerabilities is a key best practice. Using open source vulnerability assessment technologies can help organizations save money and customize software to suit their needs.
Many open source vulnerability assessment tools are conveniently bundled in security distributions such as Offensive Security's Kali Linux. Here is a selection of 10 useful open source vulnerability assessment tools, including general vulnerability assessment tools, Web server and application vulnerability scanners, analysis tools and fuzzers.
June 24, 2017
June 23, 2017
June 22, 2017
June 22, 2017
Copyright 2017 Quinstreet Inc. All Rights Reserved.