View Full Version : Scanning for vulnerable websites
03-22-2009, 07:42 AM
looking for a good scanner which can tell me if a website has mysql vulnerabilities...whats the best one, if a application like this exists
03-22-2009, 07:34 PM
I would tend to use Google for this. You type in
"application name" version vulnerability
And it'll pop up any known, published vulnerabilities for that particular version of the software. Chances are that if there's a known vulnerability, it's been posted on the security lists and archived on numerous sites.
Now, if you want *unpublished* vulnerabilities or vulnerabilities in custom software/scripts, you'll have to work a lot harder....
05-18-2009, 12:53 AM
Scan a ip range~ thats the best way. It's what those chinese do to find anonymous FTP and use them.
05-18-2009, 01:57 AM
Nmap is good for scanning large IP ranges.
sudo nmap -v -sP xxx.xxx.*.*
Wildcards will scan the entire IP range. The code above scans 65536 IP addresses.
Nessus will go into even more detail. Remember that they'll be able to detect your IP address connecting to them.
vBulletin® v3.8.1, Copyright ©2000-2013, Jelsoft Enterprises Ltd.