Throughout the scanning phase, penetration testers and ethical hackers gather very useful information about the target environment that will be critical in the ongoing stages of a test.
Scanning and identifying vulnerabilities is often considered one of the more tedious tasks by most penetration testers and ethical hackers. However, it’s one of the most important. This should be considered your homework phase. Just like in school, the homework and quizzes are designed so that you can show mastery for your exam.
Suggested Read: List of Security Related RSS Feeds – Bookmark 2018
VirusTotal inspects items with over 70 antivirus scanners and URL/domain blacklisting services, in addition to a myriad of tools to extract signals from the studied content.
Any user can select a file from their computer using their browser and send it to VirusTotal.
VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API.
With virustotal.com, you can do mainly 3 things:
- Scan a URL – https://www.virustotal.com/#/home/url
- Scan a File – https://www.virustotal.com/#/home/upload
- Search a URL – https://www.virustotal.com/#/home/search
IPVoid is a free service developed by NoVirusThanks Company Srl. It was born in 2010 as an IP blacklist checker service, to scan an IP address with multiple IP blacklist and DNSBL services.
The mission of IPVoid is to provide free tools to troubleshoot network problems and to help in gathering information about IP addresses. Below you can find the list of scanners which Ipvoid.com provides:
- Blacklist Check – http://www.ipvoid.com/ip-blacklist-check/
- Whois Lookup – http://www.ipvoid.com/whois/
- Ping Lookup – http://www.ipvoid.com/ping/
- HTTP Headers – http://www.ipvoid.com/http-headers/
- DiG DNS Lookup – http://www.ipvoid.com/dig-dns-lookup/
- MX Lookup – http://www.ipvoid.com/mx-lookup/
- Reverse DNS Lookup – http://www.ipvoid.com/reverse-dns-lookup/
- Find Website IP – http://www.ipvoid.com/find-website-ip/
- Traceroute – http://www.ipvoid.com/traceroute/
- My IP Address – http://www.ipvoid.com/my-ip/
- IP Geolocation – http://www.ipvoid.com/ip-geolocation/
- Htpasswd Generator – http://www.ipvoid.com/htpasswd-generator/
URLVoid is a free service developed by NoVirusThanks on the late 2010 that allows users to scan a website with multiple website reputation engines and domain blacklisting services, to facilitate the detection of dangerous websites related to malware, phishing, scam and fraudulent activities.
With URLVoid.com, you can perform various things such as:
- Website Reputation Checker – https://www.urlvoid.com/
- Whois Lookup Online – https://www.urlvoid.com/whois-lookup/
- DNS Records Lookup Tool – https://www.urlvoid.com/dns-records-lookup/
- Ping Host/IP Online – https://www.urlvoid.com/ping-host-ip-online/
4. Web Inspector
Web Inspector is another innovative product from the computer scientists and Internet gurus of Comodo, a leading provider of Internet Security solutions. Web Inspector is the type of system that our users have come to expect from our award winning product line; effective, easy to use and feature rich. We work tirelessly on ways to prevent problems that cost you time, money and your reputation.
Web Inspector is a free, cloud-based service that performs website security check, removes malware & helps you protect websites from hackers.
5. Sitecheck Sucuri
Sucuri SiteCheck scanner will check the website for known malware, blacklisting status, website errors, and out-of-date software.
Besides online scanning, Sucuri also provides a wide range of services like:
- Website Scanning and Detection starts from $199.99/yr
- Website Protection starts from $199.99/yr
- Increase Website Speed starts from $9.99/month
- Website Malware Removal starts from $199.99/yr
- Website Backups starts from $5/month
6. URL Query
urlQuery.net is a service for detecting and analyzing web-based malware. It provides detailed information about the activities a browser does while visiting a site and presents the information for further analysis.
7. Central Ops
Centralops website is a collection of internet utilities tools through which you can easily investigate domains and IP addresses along with other useful information such as Registrant information, DNS Records and many more.
Here is the list of all scanners which centralops provides:
- Domain Dossier – https://centralops.net/co/DomainDossier.aspx
- Domain Check – https://centralops.net/asp/co/DomainCheck.vbs.asp
- Email Dossier – https://centralops.net/co/EmailDossier.aspx
- Browser Mirror – https://centralops.net/asp/co/BrowserMirror.vbs.asp
- Ping – https://centralops.net/co/Ping.aspx
- Traceroute – https://centralops.net/co/Traceroute.aspx
- NSLookup – https://centralops.net/co/NsLookup.aspx
- AutoWhois – https://hexillion.com/asp/samples/AutoWhois.vbs.asp
- AnalyzePath – https://hexillion.com/asp/samples/AspAnalyzePath.asp
8. Network Tools
Network-tools.com is a website which provides a variety of online scanning services such as Whois, Ping Scan, Trace route, Network lookup, URL encode/decode, Scan http headers etc.
Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.
This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server.
More References –
- Find Vulnerable Webcams with Shodan [Metasploit Framework]
- Shodan Search Examples
- Exploitation of DVR Cameras – CVE-2018-9995 [Tutorial]
- Exploitation of Opendreambox – Remote Code Execution
- Palo Alto (PAN-OS) Exploitation CVE-2017-15944 – Live Demonstration
Robtex is used for various kinds of research of IP numbers, Domain names, etc. Robtex uses various sources to gather public information about IP numbers, domain names, host names, Autonomous systems, routes etc. It then indexes the data in a big database and provide free access to the data.