Detecting vulnerabilities with Open Source tools

by | Jan 28, 2016

New vulnerabilities emerge every day, threatening enterprise information security. In order to avoid data and devices getting infected, it is important to find them out early so they can be fixed as soon as possible.

There are Open Source tools which can help to identify vulnerabilities, such as web servers and applications scanners, analysis tools, fuzzers... Below you can find a useful selection:

OpenVAS: This scanner is daily updated with new vulnerability tests.

Nexpose Community: It makes more than 163.000 network checks. It doesn’t include web application scanner but it is automatically updated.

Metasploit Framework: It validates vulnerabilities found by Nexpose and identifies the more dangerous ones in order to fix them first.

Retina CS Community: It simplifies and centralized vulnerability management and patching. It includes automated vulnerability assessment for servers, workstations, mobile devices, applications…

Burp Suite Free Edition: It provides all the tools to perform full security analysis for web applications.

Nikto: It performs tests against web servers to check files and programs. It also looks for outdated versions or versions with specific problems.

OWASP Zed Attack Proxy (ZAP): Integrated tool to find vulnerabilities affecting web applications.

Clair: Service specialized in container analysis.

Moloch: It storages and indexes and network traffic in PCAP standard format, providing quick access.

Powerfuzzer: Automatic and customizable web fuzzer that identifies cross site scripting (XSS); injections (SQL, LDAP, code, commands, CRLF and XPATH); and HTTP 500 statuses.

More info about these tools at eSecurity Planet.



Submit a Comment

Your email address will not be published. Required fields are marked *

Recent posts

VDI: The most secure environment for hybrid working

Today is Data Privacy Day. The purpose of this date is to raise awareness and promote privacy and data protection best practices. It was initiated by the European Commission, the Council of Europe, and the Data Protection authorities of the European Union’s member states. Their main goal was to drive attention to the importance of privacy, user data protection, and compliance of the General Data Protection Regulation (RGPD). It is a regulation characterized by significant fines for non-compliance since its implementation in 2018.

How to avoid issues with virtual machines

Virtualization comes with a wide range of benefits for organizations. It helps cut IT costs and reduces downtime while increasing efficiency and productivity. It also increases the resiliency of networks, primarily when disasters occur, and promotes more green-friendly operations.

However, using virtual machines also comes with a set of downsides. Information security may get compromised, workloads mixed up, separation duties lost, among other issues. It is vital to know how you can get over these problems, and that’s what this article will discuss.

Let’s get started.


Stay up to date with all the news from UDS ENTERPRISE through our social networks. Follow us!

Skip to content