Automatic Vulnerability Scanner
Allows the user to search for different types of computers connected to the network (webcam, router, server, etc.) using a variety of filters. It can also provide information about server software, port status, active services, known vulnerabilities of each service, and exploit codes for those vulnerabilities.
- Scan 2 thousand common TCP/UDP ports at very high speed (about 100 thousand packets per second)
- Service scanning and Banner Grabbing
- CPE extraction of the running service (Common Platform Enumeration)
- CVE extraction (vulnerabilities) based on the obtained CPE
- Search for vulnerability exploit codes based on CVE
- Extracting SSL certificates
- Extract HTTP headers
- Extracting technologies used in web applications
- Search results obtained with many types of filters
- Visualization of scan results
- Possibility of automatic exploitation through Metasploit framework and Nmap
- The possibility of periodically scanning network equipment and checking the open or closed state of unnecessary ports, which is always a security threat.
- Ability to discover vulnerable equipment in the shortest possible time after a CVE is publicly released
- The possibility of discovering unauthorized services running on the network
- The possibility of executing all kinds of vulnerable PoC codes (for example, discovering FTP servers that allow Anonymous Login)
- Ability to check expired or about to expire SSL certificates
- Ability to check expired or about to expire SSL certificates
- Ability to identify operating systems that have reached EoL
- The possibility of identifying databases without the need for authentication
- Automatically scan vulnerabilities at the organization's network level
- Quick scan of organization's ports and services
- Ability to automatically exploit vulnerabilities
- Visualization of results and the possibility of creating a scan profile