Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers.
Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.Īlso see – JTR (Password Cracking) – John the Ripper 1.7 Released – FINALLY. Its primary purpose is to detect weak Unix passwords. John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.Īlso see: OpenVAS – Open Vulnerability Assessment System (Nessus is Back!). Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Recently went closed source, but is still essentially free. A very versatile tool, once you fully understand the results. Nmap is free and open source.Ĭan be used by beginners (-sT) or by pros alike (–packet_trace).
Nmap runs on most types of computers and both console and graphical versions are available. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. I think everyone has heard of this one, recently evolved into the 4.x series.