cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Newcomer II

Re: internal scanning tools

I went to the Alienvault but it seems there is only a free trial. Please let me know which of the products you mentioned is totally free

Highlighted
Newcomer II

Re: internal scanning tools

Openvas has been replaced by the community edition of GSM, Greenbone Security Manager. I have tried that and it is very limited in terms of plugins.

Highlighted
Newcomer II

Re: internal scanning tools


@JoshuaGabriel wrote:

I went to the Alienvault but it seems there is only a free trial. Please let me know which of the products you mentioned is totally free


OSSIM is the free (limited) version

Use this link: https://dlcdn.alienvault.com/AlienVault_OSSIM_64bits.iso

Highlighted
Newcomer II

Re: internal scanning tools

Thank you DALX.

 

Already downloaded.Smiley Happy

Highlighted
Newcomer III

Re: internal scanning tools

Nessus and Nmap are great as many people have mentioned. Nexpose from Rapid 7 is also good. If you're looking at MetaSploit and at going beyond just scanning and checking on whether vulnerabilities can be exploited, then you might also want to look at the (free) Penetration Testers Framework (PTF) from the wonderful folks at TrustedSec. 

Highlighted
Newcomer II

Re: internal scanning tools

On the software development side have the development teams routinely run

  • OWASP Dependency Check
  • OWASP Zed Attack Proxy (ZAP)

Cross-check with SonarQube's security warnings.