Vulnerability Scanning

How to find security vulnerabilities.

Nessus

The number one vulnerability scanner for infrastructure.

https://www.tenable.com/products/nessus

Nuclei

Nuclei is a vulnerability scanner that is great for web applications and some network services. It uses community written templates to find thousands of issues

https://github.com/projectdiscovery/nuclei

The following command will run a rate limited nuclei against all of the non-intrusive templates:

sudo nuclei -u URL -rl 50 -c 5 -t http/cnvd -t http/cves -t dns -t http/exposed-panels -t http/exposures -t file -t http/miscellaneous -t http/misconfiguration -t network -t http/osint -t http/takeovers -t http/technologies -t http/vulnerabilities -t dns

PreviousPassword Spraying NextInternal Infrastructure

Last updated 5 months ago