List of Vulnerability Scanners with Descriptions

By | 15/11/2010

Here is list of sites that offer a vulnerability scanner. All these are absolutely free.

What is a vulnerability scanner?

A vulnerability scanner searches for security weaknesses or security holes in computer systems, servers, networks, or applications/services and reports them in details about possible vulnerabilities and probable defense or ways to prevent it. They let you know which applications are patched, which are insecure, and which are no longer maintained.

Network/Web Vulnerability Scanners (scans your networks, ports, and web applications)

  1.   GFI LANguard: scans your entire network and ports for missing security patches, service packs, open shares, open ports, unused user accounts and more. (Registration required: name & email)
  2.  Wapiti: vulnerability scanner for web applications. It currently searches vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections.

Application/Service Vulnerability Scanners (scans your software/hardware and services)

  1.   Secunia Software Inspector (PSI): scans your computer for thousands of known programs, checks for missing security patches and vulnerabilities in those programs(insecure program versions), and reports back to you with information and link on how to update them. Provides links to the vendor’s homepage, technical details, and the installation folder.
  2.   F-Secure Health Check: checks that you have up to date security applications and finds vulnerabilities in your installed software. Then guides you to a solution when issues are discovered.
  3. Protector Plus: checks your system for Windows Vulnerabilities. Lists the vulnerabilities detected, their risk level, and the download location of the patch. (30 day trial)
  4.   Belarc Advisor: builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes, anti-virus status, CIS (Center for Internet Security) benchmarks, and displays the results in your Web browser. (Gives clear advice on how to address each issue.)
  5.   Microsoft Baseline Security Analyzer: detects common security misconfigurations and missing security updates/patches on your Windows systems.

Leave a Reply