X-Scan is a general scanner for scanning network vulnerabilities for specific IP address range or stand-alone computer by multi-threading method, plug-ins are supported. This is an old tool (last update in 2005), but some people still find it useful and there are certain situations where it can be useful (especially in those jurassic companies using old kit).
It supports Nessus NASL plugins for vulnerability scanning – which makes it pretty useful. It also has both a GUI and command line version for scripting.
The following items can be scanned:
- Remote OS type and version detection,
- Standard port status and banner information,
- SNMP information,
- CGI vulnerability detection,
- IIS vulnerability detection,
- RPC vulnerability detection,
- SSL vulnerability detection,
- SQL-server,
- FTP-server,
- SMTP-server,
- POP3-server,
- NT-server weak user/password pairs authentication module,
- NT server NETBIOS information,
- Remote Register information, etc.
The results of the scan are saved in /log directory, and are title index_ip_address.htm (if you used the GUI) or ip_address if you used the command line option. These can be directly browsed by any normal Web Browser.
Basic user and password lists are supplied to carry out a basic attack on certain services, (above), if found enabled on the host.
You can download XScan v3.3 here:
Or read more here.
Zion3R says
Create: 2005-07-18
Very old!
JKTor says
Still efficient if correctly customised (NASL and cgi.lst)