Recently, many partners have asked me about how to use X-Scan. Today, I will share with you the detailed operation content of X-Scan. Let’s take a look.
1. X-Scan interface
The X-scan interface is shown in the figure, which is roughly divided into three areas. The top of the interface is the menu bar, and the bottom of the interface is the status bar. If you downloaded the English version, you can set the language to Chinese in the Language menu of the menu bar.
2. Parameter settings
Click the "Settings" menu and select "Scan Parameters" or directly click the blue button on the toolbar to enter the scan parameter settings
Detection range. Set the IP to be scanned. You can set the detection range as shown in the example, or get the host list from the file.
Global settings. Used to set global scanning parameters, as follows:
Scan module: Set the modules that need to be scanned. For scanning a single device, you can select all modules. If you scan devices within a certain range, you can check the modules that need to be scanned as needed.
Concurrent scanning: Set the concurrency of scanning, the default is enough. If the machine performance is good and the bandwidth is sufficient, the amount of concurrency can be appropriately increased.
Scan report: Set the name and type of scan report, etc.
Other settings: Set the detection mechanism for the target device, etc. If it is a single device, it is recommended to use an unconditional scan, because the test found that x scan is not very accurate in determining whether the host is alive.
Plug-in settings: Set related options for each plug-in
Port-related settings: Set port-related items. The ports to be detected can be any combination of ports. The detection method using TCP can improve the accuracy of x-scan, but it is easily blocked by the other party's firewall. The opposite is true for SYN. Identifying services based on responses, x-scan is able to determine which services are running based on responses, even if the port has been changed. Default well-known service ports, you can customize some ports as well-known service ports.
SNMP related settings: Set SNMP protocol detection items. It is recommended to select all.
NETBIOS related settings: Set the detected NETBIOS information, mainly for the detection of NETBIOS in Windows systems. It does not matter if you check it when testing a single non-Windows device.
Vulnerability detection script settings: Default is enough
CGI related settings: Set the scanning strategy of CGI (Public Gateway Interface), mainly for scanning of web servers. Normally the default.
Dictionary file settings: Set the dictionary used when scanning weak passwords. You can edit the dictionary to customize weak passwords.
3. Start scanning
After saving the configuration, click the start button on the toolbar to scan. The x-scan interface has detailed scan status. The scan time depends on the depth and breadth of the scan.
4. Scan results
After the scan is completed, x-scan will automatically pop up the scan results. The results will list the vulnerabilities and solution suggestions in detail. High-risk vulnerabilities will be marked in red fonts. As shown in the picture:
Above, I have shared with you the detailed usage and operation of X-Scan. Friends in need should hurry up and read this article.
