conspiracy565 Posted May 1, 2017

Hi all, I'm undertaking a project to determine which vulnerability scanning tools within Kali Linux are best suited for the job. There were three tools tested, and these were Nikto, Sparta and OpenVAS. The results that these scans returned when scanning Metasploitable 2 with a Kali Linux machine are as follows:

Metasploitable 2
Nikto: 15
Sparta: 46
OpenVAS: 144

These results are solely the number of vulnerabilities that were returned. OpenVAS seems to be the right choice, but I'm looking for feedback to back up these results, on whether this is accurate, or maybe whether the other tools have features that may give them an advantage over the others. Any feedback would be most welcome. Thanks.

digip Posted May 1, 2017

Personally, I stick with things like unicorn scan (fast UDP/TCP port scanner), nmap --script vuln and gobuster for bruting directories to find things worth investigating. From there, if I get a foothold on a system with a low priv shell, it's searchsploit and Google for the rest to gain root. Nikto is def useful, but often lots of false positives. Even directory brute forcing can be noisy, but I'm only doing these on CTF virtual machines, so I'm not so much concerned with what is on the access logs. Sparta is def a nice tool for covering the basic recon though and having it all organized in one interface, but it's automating other tools you can run (or script) on your own.

Edited May 1, 2017 by digip

digininja Posted May 1, 2017

It all depends on what you are looking at testing. Nikto is a web app scanner that looks for known issues, OpenVAS is a vulnerability scanner and I've never heard of Sparta. I'd suggest playing with all the common tools, learn what they test for, learn what their limitations are and when to use them. If you want to try to pop network vulns then OpenVAS is worth running, if all you have is a web app then you are more likely to get info out of Nikto. If you want a basic port scan then nmap, if you want a fast scan against a large number of machines then Unicorn Scan.

digip Posted May 1, 2017

7 minutes ago, digininja said:
> It all depends on what you are looking at testing. Nikto is a web app scanner that looks for known issues, OpenVAS is a vulnerability scanner and I've never heard of Sparta. I'd suggest playing with all the common tools, learn what they test for, learn what their limitations are and when to use them. If you want to try to pop network vulns then OpenVAS is worth running, if all you have is a web app then you are more likely to get info out of Nikto. If you want a basic port scan then nmap, if you want a fast scan against a large number of machines then Unicorn Scan.

Sparta takes an argument of an IP or subnet, scans with nmap and various tools and will help automate hydra attacks and such against targets, under one GUI interface for gathering info and saving. It includes dirbuster and I think sqlmap attacks as well.

digininja Posted May 1, 2017

In which case, I'd suggest learning how to use all the individual tools that it automates and then look to using it if you need to. I'd never go for automation without understanding the underlying tools.