Please see http://volatileminds.net/opendiagnostics/index.php/BuildAutoAssessmentServer to build a server that can run this script.

Utilizes tools such as OpenVAS, Metasploit, nmap, nikto, smbclient, nbtscan, traceroute, Microsoft Baseline Security Analyzer, w3af, and other open source tools to gather as much information about a single host or an entire network (limited to a subnet) as possible. PDF reports are generated and scan archives can be sent in an email at the end of the scan to an IT manager or whomever. For an (old) example scan archive, click here.

Examples of information provided at the end of the scan are web vulnerabilities for things such as routers, printers, NAS drives, security cameras, or anything with a web server on it. Public shares such as drives, folders, and printers are found and, if possible, a list of files on that share are saved. OpenVAS (and, to an extent, metasploit) have a vast collection of vulnerabilities that are tested against your host or network and reported back to you (PDF reports are from OpenVAS). Each host on the network is port scanned (with interesting and suspicious ports reported back) and an OS detection is performed and saved. You may also enable a remote Microsoft Baseline Security Analyzer scan on each (windows) host and have it saved as well.

<wiki:gadget url="http://www.ohloh.net/p/485492/widgets/project_thin_badge.xml" height="36" border="0"/> <wiki:gadget width="400" height="200" url="http://www.ohloh.net/p/485492/widgets/project_languages.xml" border="1"/>

<wiki:gadget url="http://www.ohloh.net/p/485492/widgets/project_users.xml" height="100" border="0"/>