Vunrability Scanners

[proxx]

Bet that ban list is a nice collection of proxies and tor exit nodes.
Really though, who is going to be blackbox scanning a website from their own IP?

Because it doesn't really matter doing so.
You know , who gives a fuck , if I would have to report every single malicious attempt I would have nothing else to do the entire day.
Since most of it is dynamic anyway it is only relevant for a short period.
Irl it does hardly matter , you end up banned , end of story.
You gotta do some real nasty shit if you want to end up blacklisted

[ande]

Lets try to remember that vulnerability scanners are not malicious by themselves, and are in fact handy tools for those making software and web pages.

[anUser190]

I find that scanners are very noisy and the result are too many false-positives, which you spend too much time verifying.

In case of an engagement I'd use scanners as they are "free" in terms of click and run for some hours, while you spend time doing something else and the noise is not a problem if agreed upon. Some engagements requires a more under the radar approach though.

What do you do instead of using a scanner? nmap to see what ports are open and then version them one at a time, then look up on websites to see if the versions have vulnerabilities?

[Killeramor]

Yeah he needs to jump off a bridge with that.

[GlobalRoot]

Hello, Offline Nortcele

You can always find cracks for paid ones. You can find cracks at torrenting websites like Kickass.to but most torrents have some sort of malware in it. I reconmend you start learning about web pentesting. You get more out of it. In the long run you will be very happy with it. Manually is a lot better in my opinion.