security scanning tools

Skipfish is a free, open-source, and Web application.ProgramSecurity detection tools. Skipfish features: -Fast: skipfish is fully written by C. It features highly optimized HTTP processing capabilities and the lowest CPU usage. It can easily process 2000 requests per second; -Easy to use: Uses heuristic scanning technology to host multiple web architectures. Supports automatic learning, Dictionar

/nessus-adduser, you will be prompted to add the appropriate password, the password you set yourself.Step 7: Finally, open the browser and enter https://ip:8834 8834 as the port number for the Nessus service. If you are not sure that the service is started after you start the service, you can ps-aux |grep NESSUSD to viewAfter you open the browser, enter your username and password to scan!Ubuntu under Nessus installation useNessus Relatively speaking, is a very powerful

tool, but also performs a preflight test to see if the default installation directory (/usr/local/maldetect) exists. If it does not exist, the script creates the installation directory first and then executes the next step. Finally, once the installation is complete, you can schedule daily execution through Cron (scheduled tasks) by simply putting the cron.daily script (see above) into the/etc/cron.daily. This help script has a number of features, including emptying old temporary data, checkin

Common Linux Network Tools: hping advanced host Scanning I have previously introduced the host scanning tool fping. For details, refer to my "common Linux network tool: fping host scanning". Hping is a more advanced host scanning tool that supports TCP/IP packet construction

Common Linux Network Tools: mtr for Route Scanning In addition to traceroute introduced in the previous article "common network tools for Linux: traceroute for Route scanning", Linux also has another commonly used route scanning tool mtr. Mtr is more useful than traceroute

0X01 Description:In order to facilitate the information security assessment work, the timely collection of sensitive address (originally intended to crawl the API address), so write a small tool. Two simple functions (directory Scan and URL-address crawling).0x02 usage Parameters: Python spider.py-u url-s api-o output.txt-t thread_number #通过爬虫Python spider.py-u url-s dir-f dict.txt-o output.txt #通过目录扫描0x03 Partial Function Description:Prevents repeate

The previous two articles "Linux Common Network Tools: Fping host Scan" and "Linux common Network Tools: hping Advanced Host Scan" are all about the host scan, this article introduces the common route scanning tools traceroute and MTR.A route scan is primarily a query for the number of hops and data delays that are rou

PreviousArticleYou have introduced the "authorized scanning" and "weak password scanning" of the "database Vulnerability Scanning System ", today, we will go to "unauthorized scanning" For MySQL and ms SQL Server ". Create a database vulnerability scan task, which is mysql. Enter the address, port, Instance name, and

installation package.2) Enter/USR/SRC/JOHN.../SRC, execute make clean linux-x86-64 install John.3) Set up test user Zhangsan, password 123;lisi, password 12344) Copy/etc/shadow (user password file) to/root/shadow, perform/usr/src/john.../run/john scan/root/shadow file.5) The following results are obtained2. Port scan1) Locate the disk in the Nmap RPM package, and then install2) Configure an IP address for Linux, followed by scanning 127.0.0.1, if the

A large number of modern enterprises use web applications to connect seamlessly with their customers. However, incorrect coding causes many security problems. Vulnerabilities in Web applications allow hackers to directly access sensitive information (such as personal data and logon information. Web applications allow visitors to submit data and retrieve data from databases over the Internet. Databases are at the heart of most web applications. The dat