Tools
Below is a list of tools we can use for vulnerability analysis.
Metasploit
The Metasploit Framework is a modular penetration testing platform based on Ruby that allows users to write, test, and execute exploits. Metasploit contains a set of tools that can be used to test security vulnerabilities, enumerate networks, carry out attacks, and evade detection. At its core, it is a collection of commonly used tools that provide a comprehensive environment for penetration testing and exploit development.
This framework enables vulnerability analysis of web applications, servers, systems, and more. Created with the purpose of exploitation and pre-exploitation, it is currently the tool of choice for penetration testers.
Nessus
Nessus is a proprietary, branded vulnerability scanner created by Tenable Network Security. Some examples of vulnerabilities and exposures that Nessus can scan for include:
- Vulnerabilities that could allow control of a system or unauthorized access to sensitive data.
- Misconfigurations (e.g., open mail relays, missing patches, etc.).
- Default passwords, some common passwords, and blank/missing passwords on certain system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
- Denial-of-service vulnerabilities.
Nessus scans cover a wide range of technologies, including operating systems, network devices, hypervisors, databases, web servers, and critical infrastructure.
Burp Suite
Burp Suite Professional is one of the most popular penetration testing and vulnerability assessment tools and is often used to test the security of web applications. “Burp,” as it is commonly known, is a proxy-based tool used to evaluate the security of web-based applications and to perform hands-on testing.
OWASP ZAP
OWASP ZAP (short for Zed Attack Proxy) is an open-source web application security scanner. It is designed to be used both by those who are new to application security and by professional penetration testers.
It is one of the most active OWASP projects and has been granted Flagship status.
When used as a proxy server, it allows the user to intercept and manipulate all traffic that passes through it, including traffic that uses HTTPS.
Acunetix
Acunetix is another tool that scans only web-based applications, but its multithreaded scanner can crawl hundreds of thousands of pages quickly and also identifies common web server configuration issues. It is an automated tool that audits your web applications by checking for vulnerabilities such as SQL injection, cross-site scripting, and other exploitable flaws. In general, Acunetix analyzes any website or web application that is accessible through a web browser over HTTP or HTTPS.
OpenVAS
OpenVAS is a fully featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, support for various high- and low-level industrial and Internet protocols, performance tuning for large-scale scans, and a powerful internal programming language to implement any type of vulnerability test. The scanner obtains its vulnerability tests from a feed with a long history and daily updates.
OpenVAS has been developed and maintained by Greenbone Networks since 2006. As part of the commercial vulnerability management product family "Greenbone Security Manager" (GSM), the scanner, together with other open-source modules, forms the Greenbone Vulnerability Management framework.
Veracode
Veracode is a security platform focused on application security analysis and monitoring. It provides tools for static, dynamic, and software composition analysis to identify vulnerabilities across applications and supporting infrastructure.
SATAN
SATAN (Security Administrator Tool for Analyzing Networks) is an early network analysis tool designed to identify security weaknesses in networked systems. It helped lay the foundation for modern vulnerability scanning and network assessment tools.
Aircrack-ng
Aircrack-ng is a suite of tools used to audit wireless networks. It focuses on assessing the security of Wi-Fi implementations by analyzing traffic and identifying weaknesses in wireless encryption and authentication mechanisms.
Arachni
Arachni is an open-source web application security scanner designed to detect vulnerabilities such as SQL injection, XSS, and other common web flaws. It is modular and extensible, making it suitable for automated and large-scale web assessments.
Nikto
Nikto is a web server scanner that performs comprehensive tests against web servers to identify known vulnerabilities, misconfigurations, and outdated software. It is commonly used during reconnaissance and initial security assessments.