NERVE is a vulnerability scanner tailored to find low-hanging-fruit vulnerabilities in specific application configurations, network services, and unpatched services.
Examples of some of NERVE’s detection capabilities:
- Interesting Panels (Solr, Django, PHPMyAdmin, etc.)
- Subdomain takeovers
- Open Repositories
- Information Disclosures
- Abandoned / Default Web Pages
- Misconfigurations in services (Nginx, Apache, IIS, etc.)
- SSH Servers
- Open Databases
- Open Caches
- Directory Indexing
- Best Practices
It is not a replacement for Qualys, Nessus, or OpenVAS. It does not do authenticated scans and operates in black-box mode only.
The best way to deploy it is to run it against your infrastructure from multiple regions (e.g. multiple instances of NERVE in multiple countries) and turn on continuous mode, so that you can catch short-lived vulnerabilities in dynamic environments such as the cloud.
For more information about N.E.R.V.E, check out the GitHub page.