I.T. Security and Linux Administration

Apr 30 2013   10:23PM GMT

Web App/Vulnerability Scanner

Eric Hansen Eric Hansen Profile: Eric Hansen

I want to know something: what scanner(s) do you use to assess the security of your systems, programs, network, etc…? For example, Metasploit and Nessus are two of the most popular in this field, but there’s also ones such as OpenVAS, W3af, Nikito.

Of the one(s) you use, why do you? What draws you to them over the use of another?

I’ll start.

I used to use Nexpose (from Rapid7, makers of Metasploit) for a long time. Only reason I really stopped is the limitations and extreme usage requirements (it runs off of Java, and you need at least 2GB RAM to even try to run it).

When I reinstalled BackTrack, I discovered OpenVAS, and have since been using that. Its forked from Nessus before it went close-source, and has basically taken a form all in its own.

Its intensive as well, but at least I can run it on my old server (720 MB, 1.8 GHz single-core AMD processor, etc…).

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: