Vulnerability Scanners

Nessus

Nessus is a proprietary vulnerability scanner developed by Tenable. It automates the process of identifying vulnerabilities in target systems and provides relevant information, such as CVE details. Nessus results can be imported into Metasploit (MSF) for further analysis and exploitation. The free version, Nessus Essentials, allows scanning up to 16 IPs.

Important filters when reviewing scan results: Metasploit Exploitation Framework, Severity
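The same two filters can be applied offline to an exported .nessus file to decide what to remediate first. This is an added example, not part of the original page or Tenable's tooling; the sample report, host addresses, plugin names and CVE placeholders are constructed, and triage is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the .nessus (NessusClientData_v2) layout; hosts,
# plugin names and the CVE placeholders are made up for illustration.
SAMPLE = """<NessusClientData_v2><Report name="constructed">
<ReportHost name="192.0.2.10">
  <ReportItem port="445" protocol="tcp" severity="4" pluginID="100001" pluginName="Constructed SMB finding">
    <cve>CVE-0000-0001</cve>
    <exploit_framework_metasploit>true</exploit_framework_metasploit>
  </ReportItem>
  <ReportItem port="80" protocol="tcp" severity="2" pluginID="100002" pluginName="Constructed web finding">
    <exploit_framework_metasploit>true</exploit_framework_metasploit>
  </ReportItem>
  <ReportItem port="22" protocol="tcp" severity="3" pluginID="100003" pluginName="Constructed SSH finding"/>
</ReportHost>
<ReportHost name="192.0.2.20">
  <ReportItem port="3389" protocol="tcp" severity="3" pluginID="100004" pluginName="Constructed RDP finding">
    <cve>CVE-0000-0002</cve>
    <exploit_framework_metasploit>true</exploit_framework_metasploit>
  </ReportItem>
</ReportHost>
</Report></NessusClientData_v2>"""

SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

def triage(nessus_xml, min_severity=3):
    """Findings at or above min_severity that Nessus flags as having a Metasploit module, worst first."""
    # For report files from an untrusted source, parse with defusedxml instead.
    root = ET.fromstring(nessus_xml)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            flag = (item.findtext("exploit_framework_metasploit") or "").strip().lower()
            if sev < min_severity or flag != "true":
                continue
            findings.append((sev, {
                "host": host.get("name"),
                "port": int(item.get("port", "0")),
                "severity": SEVERITY.get(sev, str(sev)),
                "plugin": item.get("pluginName"),
                "cves": [c.text for c in item.findall("cve")],
            }))
    findings.sort(key=lambda p: (-p[0], p[1]["host"], p[1]["port"]))
    return [f for _, f in findings]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f['severity']:8} {f['host']}:{f['port']:<5} {f['plugin']} {', '.join(f['cves'])}")
```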

WMAP

WMAP is a feature-rich web application vulnerability scanner that automates web server enumeration and scans web applications for vulnerabilities. It is available as an MSF plugin, so web application scans can be run directly from within the Metasploit Framework (MSF).

# Launch msfconsole in quiet mode and set the global RHOSTS variable to the target domain
msfconsole -q
setg RHOSTS [domain]

# Load the WMAP plugin into MSF
load wmap

# Display help information for wmap_sites
wmap_sites -h

# Add a target site to the WMAP site list
wmap_sites -a [domain]

# Display help information for wmap_targets
wmap_targets -h

# Add the site to the WMAP target list
wmap_targets -t [domain]

# List all added sites
wmap_sites -l
# List all defined targets
wmap_targets -l

# Display help information for wmap_run
wmap_run -h
# Show the enabled modules that would be run against the target web server (nothing is tested yet)
wmap_run -t

# Launch the scan: with no profile file given, all enabled modules are run against the defined targets
wmap_run -e
