Automated vulnerability scanning

Nessus

Nessus is a vulnerability scanner useful for network discovery using port scans and enumerate services from either an authenticated or nonauthenticated context. It then compares that information to an extensive internal database of known vulnerabilities to highlight potential or confirmed vulnerabilities on the identified services.

It was created by Renaud Daraison in 1998 and was originally an open-source remote security scanner. Several years later in 2005, Tenable Network Security changed Nessus over to a closed-source license.

Greenbone (OpenVAS)

OpenVAS is an open-source vulnerability scanner that started as a spin-off of Nessus called GNessUs. It took until 2006 for GNessUs to transform into the OpenVAS tool. In 2017, Greenbone changed the OpenVAS framework to Greenbone Vulnerability Management, and change the OpenVAS Scanner into a module.

Nikto

Nikto is an incredibly aggressive and noisy web server vulnerability scanner, and included in Kali.

nikto -h [IP address] -p 80 -o nikto_scan -F txt

Resources

• Nessus Essentials

• Greenbone

• Greenbone getting started tutorials

• Nikto wiki