Docs · Tools
Vulnerability Scanner
The Vulnerability Scanner checks a web target against thousands of known issues — outdated software, dangerous defaults, exposed files, and CVE signatures — by combining Nikto, Nuclei templates, and Gobuster into one run.
- Category
- Web & API
- Powered by
nikto+nuclei+gobuster- Edition
- Pro
- Where
- Desktop → Vulnerability Scanner tab
What it does
It points multiple proven scanners at a URL: Nikto for server misconfigurations and dangerous files, Nuclei for an enormous library of CVE and exposure templates, and Gobuster for content discovery. The findings are merged and ranked so you see the real problems first.
How to use it
1
Enter a target URL
Provide the site to assess, e.g.
https://example.com.2
Choose scan depth
Pick which engines to run and how deep — a quick pass or a thorough sweep.
3
Run & triage
Click Scan. Findings stream in with severity; sort and export when done.
Engines & options
- Nikto — server misconfigurations, dangerous files and headers.
- Nuclei — community CVE/exposure templates, updated frequently.
- Gobuster — content discovery to widen coverage.
What you get
A ranked list of findings with severity and references. High-impact issues feed the Security Score vulnerability factor, and the Patch Advisor can turn them into a prioritized fix plan.
Tips
- Keep Nuclei templates updated — coverage is only as fresh as the template set.
- Run a quick pass first, then a deep scan on anything that looks exposed.
- No engines installed? A demo report previews the workflow before you install them.
Authorized use only. Only scan sites you own or are permitted to assess. Inputs are sanitized and subprocesses run without
shell=True.