Nemesida Scanner - Web Application Vulnerability Scanner

Nemesida Scanner is designed to detect vulnerabilities in web applications, such as SQL injection, XSS, LFI / RFI, XXE, Open-redirect, search for components with known vulnerabilities and critical data in open access, identify deficiencies in web application configuration, port scanning, etc. Nemesida Scanner is provided as a console version for popular Linux distributions.

Why write your scanner, if they are so full? Let's see. Most modern scanners are heavyweight GUI applications (or a web version in the form of a web server, DBMS, etc.) (besides the fact that they are quite expensive). Console (light) versions of scanners undoubtedly exist, but they have both advantages and disadvantages. An example of a great console scanner is the highly specialized wpscan. The console version of w3af is rather confused in terms of settings.

Therefore, we decided to implement a simple but multifunctional scanner that does not load the system and has rich (and constantly added) functionality.

Nemesida Scanner contains a large base of modern attack vectors and payloads (payload), not demanding of hardware. There is also a "light version" of Nemesida Scanner, used in Nemesida WAF to detect web application vulnerabilities and create virtual patching rules.

Description

Nemesida Scanner is a great helper in performing work on web application security analysis and penetration testing, allowing you to:

• identify various web vulnerabilities, such as: SQL injection, XSS, LFI / RFI, XXE, Open-redirect;
• identify components with known vulnerabilities;
• detect critical data (files, directories, subdomains) in the public domain;
• determine the versions and types of installed CMS, as well as their plug-ins;
• identify weaknesses in the web application configuration;
• pick passwords;
• scan ports and identify services.

Installing a scanner is quite trivial. The following is an example of installation on a Debian OS (there is also a CentOS version). Dependencies must be installed:

# apt-get update && apt-get install apt-transport-https 

Add repository:

 # echo "deb https://nemesida-security.com/ns/debian stretch non-free" > /etc/apt/sources.list.d/NemesidaScanner.list 

Install the gpg.key key:

 # wget -O - https://nemesida-security.com/ns/gpg.key | apt-key add - 

And perform the installation:

 # apt-get update && apt-get upgrade && apt-get install nscanner-cli 

After installation, specify the license key in the /opt/nscanner-cli/nscanner-cli.conf file (parameter: "license_key ="). The license key to work "Nemesida Scanner": 9cfc363d886c85f51cb0c9abe6c10cf1.

Example of a startup command

 # nscanner-cli --host http://example.com.ru --auth admin:password --sql --pdf /tmp/report.pdf 

Examples of using

To test the penetration of a web application, there is no need to use several tools, everything you need is already included in Nemesida Scanner. For example, at the beginning of testing, it is necessary to scan the ports of the studied web server:

 nscanner-cli --host https://testsite --port 

See the functionality and documentation .

The use of Nemesida Scanner for illegal and unlawful purposes is prohibited.

UPD: work is supported in the official distributions specified in the repository. Work in other distributions is not guaranteed.