Step 1: Ask AI

Question

what are some best cli based vulnerability testing tools right now?

Kimi 2.6 Thinking Answer

Here are some of the best CLI-based vulnerability testing tools widely used right now, organized by use case:

Network & Infrastructure Scanning

  • Nmap + NSE scripts — The classic network mapper with a powerful scripting engine for vulnerability detection, service enumeration, and exploitation checks.
  • OpenVAS/GVM (Greenbone CLI) — Open-source vulnerability scanner with an extensive CVE database; the CLI (gvm-cli) is great for automated scans.
  • Nuclei — Fast, community-driven vulnerability scanner using YAML-based templates. Excellent for continuous scanning and large-scale recon.
  • Masscan — Ultra-fast TCP port scanner, useful for quickly mapping attack surfaces before deeper scanning.

Web Application Security

  • SQLMap — The gold standard for automated SQL injection detection and exploitation.
  • Nikto — Web server scanner that checks for dangerous files, outdated software, and misconfigurations.
  • WPScan — Specialized for WordPress sites; checks for vulnerable plugins, themes, and core files.
  • DalFox — Modern, fast XSS scanner and parameter analyzer.
  • Gobuster / Feroxbuster — Directory and file brute-forcing tools for discovering hidden endpoints.

Container & Cloud Security

  • Trivy — Comprehensive scanner for container images, filesystems, Git repos, and Infrastructure-as-Code (Terraform, CloudFormation). Very fast, with few false positives.
  • Grype — CLI vulnerability scanner for container images and filesystems from Anchore.
  • Snyk CLI — Scans dependencies, containers, and IaC for known vulnerabilities (free tier available).
  • Checkov — Static analysis tool for IaC (Terraform, CloudFormation, Kubernetes) to find misconfigurations.

Static & Dynamic Analysis (SAST/DAST)

  • Semgrep — Lightweight static analysis that supports many languages; great for finding security bugs and enforcing code patterns.
  • Bandit — Python-specific security linter.
  • Brakeman — Ruby on Rails security scanner.
  • OWASP ZAP (zap-cli) — Popular web app DAST tool with a command-line interface for automation.

Exploitation & Penetration Testing

  • Metasploit Framework (msfconsole) — Massive exploit database and penetration testing framework.
  • Netcat / Ncat — Swiss army knife for networking, useful for manual testing and reverse shells.

General Recon & Enumeration

  • Amass — In-depth DNS enumeration and attack surface mapping.
  • Subfinder / Assetfinder — Fast subdomain discovery tools.
  • HTTPX — Fast, multi-purpose HTTP prober for verifying live hosts and capturing response data.

Quick recommendation: If you’re building a modern CI/CD pipeline, Trivy + Semgrep + Nuclei is a powerful, lightweight combination. For general penetration testing, you can’t go wrong with Nmap, SQLMap, and Metasploit.
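A worked example of the CI gate that the closing recommendation describes, added here by the editor; it is not code from the original page, nor from the Trivy or Semgrep projects. It reads the JSON reports the two scanners write, applies a severity policy (block on HIGH/CRITICAL image vulnerabilities that have an upstream fix, and on ERROR-level Semgrep findings), and returns a non-zero exit code so the pipeline step fails. The two reports embedded below are constructed samples trimmed to the fields the script uses; the vulnerability IDs `CVE-0000-000x`, the package names, the image name and the Semgrep rule id are placeholders, not real findings.

```python
"""Fail a CI step on Trivy and Semgrep findings above a severity threshold.

Editor's added example, not Trivy's or Semgrep's own code. Report shapes follow
Trivy's `--format json` (SchemaVersion 2) and Semgrep's `--json` output, reduced
to the keys read here.
"""
import json
import sys

# Constructed sample of a Trivy image report. Placeholder IDs, packages and image.
TRIVY_REPORT = json.loads("""
{
  "SchemaVersion": 2,
  "Results": [
    {
      "Target": "example-app:latest (alpine)",
      "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
         "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1", "Severity": "CRITICAL"},
        {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
         "InstalledVersion": "2.3.0", "Severity": "LOW"},
        {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libunfixed",
         "InstalledVersion": "0.9.0", "Severity": "HIGH"}
      ]
    },
    {"Target": "usr/bin/example-binary", "Class": "lang-pkgs"}
  ]
}
""")

# Constructed sample of a Semgrep report. The rule id is a placeholder.
SEMGREP_REPORT = json.loads("""
{
  "results": [
    {"check_id": "example.rules.eval-detected", "path": "app/handlers.py",
     "start": {"line": 42}, "extra": {"severity": "ERROR", "message": "eval() on request data"}},
    {"check_id": "example.rules.weak-hash", "path": "app/auth.py",
     "start": {"line": 17}, "extra": {"severity": "WARNING", "message": "MD5 used for hashing"}}
  ],
  "errors": []
}
""")

TRIVY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}
SEMGREP_RANK = {"INFO": 0, "WARNING": 1, "ERROR": 2}


def trivy_findings(report, min_severity="HIGH", fixed_only=True):
    """Vulnerabilities at or above min_severity. With fixed_only, drop entries that
    have no FixedVersion (the same policy as Trivy's --ignore-unfixed), so the gate
    does not block on findings nobody can act on yet."""
    threshold = TRIVY_RANK[min_severity]
    hits = []
    for result in report.get("Results", []):
        # "Vulnerabilities" is absent or null for clean targets.
        for vuln in result.get("Vulnerabilities") or []:
            if TRIVY_RANK.get(vuln.get("Severity", "UNKNOWN"), 0) < threshold:
                continue
            fixed = vuln.get("FixedVersion", "")
            if fixed_only and not fixed:
                continue
            hits.append((result["Target"], vuln["VulnerabilityID"], vuln["PkgName"],
                         vuln["InstalledVersion"], fixed, vuln["Severity"]))
    return hits


def semgrep_findings(report, min_severity="ERROR"):
    """Semgrep results at or above min_severity (INFO < WARNING < ERROR)."""
    threshold = SEMGREP_RANK[min_severity]
    return [(r["path"], r["start"]["line"], r["check_id"], r["extra"]["message"])
            for r in report.get("results", [])
            if SEMGREP_RANK.get(r["extra"].get("severity", "INFO"), 0) >= threshold]


def gate(trivy_report, semgrep_report, min_trivy="HIGH", min_semgrep="ERROR", fixed_only=True):
    """Return (exit_code, report_lines): 1 if anything blocks, 0 otherwise."""
    lines = []
    for target, vid, pkg, installed, fixed, sev in trivy_findings(trivy_report, min_trivy, fixed_only):
        lines.append(f"[trivy] {sev} {vid} {pkg} {installed} -> {fixed} ({target})")
    for path, line, check, msg in semgrep_findings(semgrep_report, min_semgrep):
        lines.append(f"[semgrep] {check} {path}:{line}: {msg}")
    return (1 if lines else 0), lines


def load_report(path):
    """Load a report written by `trivy ... --format json -o FILE` or `semgrep ... --json -o FILE`."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


if __name__ == "__main__":
    # With real reports: gate(load_report("trivy.json"), load_report("semgrep.json"))
    code, out = gate(TRIVY_REPORT, SEMGREP_REPORT)
    print("\n".join(out) or "no blocking findings")
    sys.exit(code)
```

On the embedded samples the gate blocks on exactly two findings: the fixed CRITICAL package vulnerability and the ERROR-level Semgrep result; the unfixed HIGH and the WARNING are reported only if the thresholds are lowered. Both scanners can also enforce a policy on their own (`trivy image --exit-code 1 --severity HIGH,CRITICAL --ignore-unfixed IMAGE` and `semgrep scan --error ...`); a script like this is useful when one job combines several reports, or when the policy should live in one reviewed place rather than in each tool's flags. Nuclei's per-finding output could be folded in the same way.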