Vulnerability Scanning
Vulnerability scanning is an essential skillset as a security engineer or pentester. The idea here that you use a tool that checks your network or website for known vulnerabilities. This is a standard and best practice.
​
There are a number of tools avialble for this task. Nessus is probably the most popular but Nexpose is becoming increasingly popular among pentesters using Metasploit because how well it integrates into Metasploit.
​
It's always important to note that like IDS's, vulnerability scanners produce numerous false positives. It is up to the pentester to then determine which are true vulnerabilities and which are false vulnerabilities.
​
I will try to demonstrate all of the major vulnerability scanners here, but for now you can read about;
​
1. Rapid7's Nexpose
​
​
2. Nikto for Website Scanning
​
​
​
​
​
​
​
​
​
​