We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!
Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $2,190 per year, which still beats many of its competitors. A free “Nessus Home” version is also available, though it is limited and only licensed for home network use.
Nessus is constantly updated, with more than 70,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones.
Read 24 reviews.
Latest release: version 6.3.3 on March 16, 2015 (6 years, 3 months ago).
OpenVAS is a vulnerability scanner that was forked from the last free version of Nessus after that tool went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. The project seemed dead for a while, but development has restarted.
Read 38 reviews.
Latest release: version 8.0 on April 2, 2015 (6 years, 2 months ago).
Core Impact isn't cheap (be prepared to spend at least $30,000), but it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. Other good options include Metasploit and Canvas.
Read 22 reviews.
Latest release: version 12 on Aug. 8, 2011 (9 years, 10 months ago).
Rapid7 Nexpose is a vulnerability scanner which aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. It integrates with Rapid7's Metasploit for vulnerability exploitation. It is sold as standalone software, an appliance, virtual machine, or as a managed service or private cloud deployment. User interaction is through a web browser. There is a free but limited community edition as well as commercial versions which start at $2,000 per user per year.
Read 19 reviews.
GFI LanGuard is a network security and vulnerability scanner designed to help with patch management, network and software audits, and vulnerability assessments. The price is based on the number of IP addresses you wish to scan. A free trial version (up to 5 IP addresses) is available.
Read 6 reviews.
Latest release: version 2011 on May 19, 2001 (20 years, 1 month ago).
QualysGuard is a popular SaaS (software as a service) vulnerability management offering. It's web-based UI offers network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking according to business risk. Internal scans are handled by Qualys appliances which communicate back to the cloud-based system.
Read 5 reviews.
Latest release: version 6.18 on Feb. 25, 2011 (10 years, 4 months ago).
Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Apparently MBSA on average scans over 3 million computers each week.
Read 3 reviews.
Latest release: version 2.3 on Nov. 12, 2013 (7 years, 7 months ago).
Secunia PSI (Personal Software Inspector) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins that expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus programs. Secunia PSI checks only the machine it is running on, while its commercial sibling Secunia CSI (Corporate Software Inspector) scans multiple machines on a network.
Read 6 reviews.
Latest release: version 2.0 on Jan. 10, 2011 (10 years, 5 months ago).
Nipper (short for Network Infrastructure Parser, previously known as CiscoParse) audits the security of network devices such as switches, routers, and firewalls. It works by parsing and analyzing device configuration file which the Nipper user must supply. This was an open source tool until its developer (Titania) released a commercial version and tried to hide their old GPL releases (including the GPLv2 version 0.10 source tarball).
Read 3 reviews.
SAINT is a commercial vulnerability assessment and penetration system. It was originally developed in the late 1990's as free UNIX tool based on the open source SATAN scanner. Later it went commercial and broadened into a whole suite of tools for vulnerability detection, exploitation, and asset management. It is available on multiple platforms, including appliances (SAINTbox) and cloud-hosted (SAINTcloud). Top competitors include Nessus, Nexpose, and QualysGuard.
Read 13 reviews.
Latest release: version 9.8 on May 1, 2020 (1 year, 1 month ago).