A vulnerability scanner is a computer program designed to search for and map systems for weaknesses in an application, computer or network. Step 1, typically the scanner will first look for active IP addresses, open ports, OSes and any applications running. Step 2, It may at this point create a report or move to the next step. Step 3, try to determine the patch level of the OS or applications. In this process the scanner can cause an exploit of the vulnerability such as crash the OS or application. Step 4, the final phase the scanner may attempt to exploit the vulnerability. Scanners may either be malicious or friendly. Friendly scanners usually stop at step 2 and occasionally step 3 but never go to step 4. A computer program is a collection of instructions that describe a task, or set of tasks, to be carried out by a computer. ...

Types of vulnerability scanners:

• port scanner
• network scanner
• web application scanner
• computer worm

Friendly types of vulnerability scanners: A port scanner is a piece of software designed to search a network host for open ports. ... This is about the computer worm. ...

• cgi scanner (usually restricted to banner checking; cgi scanners can find vulnerable scripts but usually don't exploit them)

Programs

Port scanners (Nmap) Nmap is a free security scanner written by Fyodor. ...

Network scanners (Nessus, SAINT) In computer security, Nessus is a comprehensive vulnerability scanning program. ...

Web application scanners (Wapiti, Sandcat, Acunetix)

CGI scanners (Arirang; Nikto; Whisker) Nikto Web Scanner is an Open Source (GPL) Web server scanner that tests Web servers for dangerous files/CGIs, outdated server software and other problems. ...

External links

• What is a Web Application Security Scanner?
• Details on different types of vulnerability scans and how they help secure your web server.
• What can't a Web Application Scanner find?
• Web Application Vulnerability Scanners - a Benchmark