Vulnerability Scanners

Vulnerability Scanners are software or hardware tools used to diagnose and monitor network computers, which allows you to scan networks, computers and applications to detect possible security problems, and to evaluate and fix vulnerabilities.

Vulnerability scanners allow you to test various applications in the system for the presence of "holes" that can be exploited by intruders. Low-level tools, such as the port scanner, can also be used to identify and analyze the possible applications and protocols that are running on the system.

Types of Vulnerability Scanners

The vulnerability scanner can be divided into 4 steps:

  1. Usually, the scanner first detects active IP addresses, open ports, the running operating system and applications.
  2. A safety report is generated (optional step).
  3. Attempt to determine the level of possible interference in the operating system or application (may cause a failure).
  4. At the final stage, the scanner can exploit the vulnerability by causing the operating system or application to crash.

Scanners can be malicious or "friendly". The latter usually stop in their actions in step 2 or 3, but they never reach step 4.

Among the vulnerability scanners are:

  • Port Scanner
  • Scanners investigating the topology of a computer network
  • Scanners investigating the vulnerabilities of network services
  • Network worms
  • CGI scanners ("friendly" - help to find vulnerable scripts)


The top ten in the opinion of vulnerability scanners (2006):

  1. Nessus: Vulnerability assessment for UNIX
  2. GFI LANguard: A commercial network vulnerability scanner for Windows
  3. Retina: Commercial scanner for vulnerability assessment
  4. Core Impact: Automated product for testing unauthorized intrusion into the system
  5. ISS Internet Scanner: Application-Level Vulnerability Assessment
  6. X-scan: Scanner for researching network vulnerabilities
  7. Sara: Security Auditor's Research Assistant
  8. QualysGuard: Vulnerability Scanner (web service)
  9. SAINT: Security Administrator's Integrated Network Tool
  10. MBSA: Microsoft Baseline Security Analyzer

Other known vulnerability scanners:

  • XSpider
  • OpenVAS
  • ERPScan SAP Security Scanner
  • SurfPatrol