NERVE - Network Exploitation, Reconnaissance & Vulnerability Engine

Oct 1, 2020

NERVE is a vulnerability scanner tailored to find low-hanging fruit level vulnerabilities, in specific application configurations, network services, and unpatched services.

It is not a replacement for Qualys, Nessus, or OpenVAS. It does not do authenticated scans and operates in black-box mode only.

NERVE will do "some" CVE checks, but this is primarily coming from version fingerprinting.

Example of some of NERVE's detection capabilities:

  • Interesting Panels (Solr, Django, PHPMyAdmin, etc.)
  • Subdomain takeovers
  • Open Repositories
  • Information Disclosures
  • Abandoned / Default Web Pages
  • Misconfigurations in services (Nginx, Apache, IIS, etc.)
  • SSH Servers
  • Open Databases
  • Open Caches
  • Directory Indexing
  • Best Practices

Continuous Security

We believe security scanning should be done continuously. Not daily, weekly, monthly, or quarterly.

The benefit of running security scanning continuously can be any of the following:

  • You have a dynamic environment where infrastructure gets created every minute/hour/etc.
  • You want to be the first to catch issues before anyone else
  • You want the ability to respond quickly.

NERVE was created to address this problem. Commercial tools are great, but they are also heavy, not easily extensible, and cost money.

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023