It is hard to find all the vulnerabilities that exists in an environment, especially with the ever increasing complexity and the variety of systems and software in use today. There are many techniques that can assist you, some of them are manual or scripted, but automated tools such as vulnerability scanners are also available. Vulnerability scanners are a special type of automated tools designed to identify problems and vulnerabilities in operating systems and software. This is done by checking coding, ports, variables, banners and many other potential problem areas. Tools such as vulnerability scanners are meant to be used by the defending party in an organization or by penetration testers to find out if there is a possibility of being successfully attacked and what needs to be done to remove the vulnerability. It is no surprise that attackers also use these tools when they are available to them. Although vulnerability scanners are usually used to check software applications, they also can check entire environments such as networks and virtual machines. Vulnerability scanners can be a great asset, but there are drawbacks. The scanners are designed to look for a specific group of known issues and if they don't find those issues then they may leave the false impression that the system is secure. Therefore, it is wise to verify the results of these scanning tools. Also these tools only have the ability to test for vulnerabilities the tool has been told about, by the author of the tool. Every time a new vulnerability has been released, the author of the scanner has to find a way to identify the vulnerability and then implement this into the tool itself.

Some tools in this category includes the following

• Nessus
• Nexpose
• OpenVAS
• Retina

More specialized tools exists for specific tasks such as SQLi and web site assessment and more.