Jump to content

Recommended Posts

Hi all, i'm undertaking a project to determine which vulnerability scanning tools within Kali Linux are best suited for the job, there were three tools tested and these were, Nikto, Sparta and OpenVAS.

The results that these scans returned when scanning metasploitable 2 with a Kali linux machine are as follows:

                                  Metasploitable 2

  • Nikto                          15  
  • Sparta                       46
  • OpenVAS                 144

These results are solely the number of vulnerabilities that were returned, OpenVAS seems to be the right choice but im looking for feedback to back up these results of whether this is accurate? or maybe whether the other tools have features that may give them an advantage over the other.

Any feedback would be most welcome.

Thanks.

Link to comment
Share on other sites

Personally, I stick with things like unicorn scan(fast UDP/TCP port scanner), nmap --script vuln and gobuster for bruting directories to find worth investigating. From there, if I get a foot hold on a system with a low priv shell, its searchsploit and google for the rest to gain root. Nikto is def useful, but often lots of false positives. Even directory brute forcing can be noisy, but I'm only doing these on CTF Virtual machines, so I'm not so much concerned with what is on the access logs. Sparta is def a nice tool for covering the basic recon though and having it all organized in one interface, but it's automating other tools you can run(or script) on your own.

Edited by digip
Link to comment
Share on other sites

It all depends on what you are looking at testing. Nikto is a web app scanner that looks for known issues, OpenVAS is a vulnerability scanner and I've never heard of Sparta. I'd suggest playing with all the common tools, learn what they test for, learn what their limitations are when to use them.

If you want to try to pop network vulns then OpenVAS is worth running, if all you have is a web app then you are more likely to get info out of Nikto. If you want a basic port scan then nmap, if you want a fast scan against a large number of machines then Unicorn Scan.

Link to comment
Share on other sites

7 minutes ago, digininja said:

It all depends on what you are looking at testing. Nikto is a web app scanner that looks for known issues, OpenVAS is a vulnerability scanner and I've never heard of Sparta. I'd suggest playing with all the common tools, learn what they test for, learn what their limitations are when to use them.

If you want to try to pop network vulns then OpenVAS is worth running, if all you have is a web app then you are more likely to get info out of Nikto. If you want a basic port scan then nmap, if you want a fast scan against a large number of machines then Unicorn Scan.

Sparta takes an argument of an ip or subnet, scans with nmap and various tools and will help automate hydra attacks and such against targets, under one gui interface for gathering info and saving. It includes dirbuster and I think sqlmap attacks as well.

Link to comment
Share on other sites

In which case, I'd suggest learn how to use all the individual tools that it automates and then look to using it if you need to. I'd never go for automation without understanding the underlying tools.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...