List of tools available for vulnerability security scanning for servers and web applications
- OpenVAS (now called Greenbone Vulnerability Management GVM) https://www.openvas.org/
- OWASP ZAP (Zed Attack Proxy) https://www.zaproxy.org/
- Nmap Port Scan https://nmap.org/
- SSYyze (SSL/TLS Scanner) https://github.com/nabla-c0d3/sslyze
- Nikto Web Vulnerability Scanner https://cirt.net/Nikto2
- Google Tsunami Security Scanner https://github.com/google/tsunami-security-scanner
- Kali Tools (Linux image with tools pre-installed) https://tools.kali.org/
- WPScan (Wordpress) https://wpscan.org/
- Droopescan (Drupal) https://github.com/droope/droopescan
- NVD NIST (National Vulnerability Database) https://nvd.nist.gov/
- CVE (Common Vulnerabilities and Exposures) https://cve.mitre.org/
- CVSS (Common Vulnerability Scoring System) https://www.first.org/cvss/
We at HostedScan.com https://hostedscan.com offer a fantastic Free Forever hosted service, where you can run many of these industry-standard vulnerability scanners for free. Please let us know if you have any questions!