It is possible to write a custom scanner using Metasploit Framework ‘mixins’ and Ruby programming, but that’s too advanced for me and so I will conduct a simple vulnerability scan on my Virtual Hacking Lab.
This Metasploit scan uses Netcat to banner grab on port 80:
msf > netcat
[*] exec: netcatCmd line: 192.168.1.79 80
runHTTP/1.1 400 Bad Request
Server: Microsoft-IIS/5.1
Date: Sun, 19 May 2013 09:04:37 GMT
Content-Type: text/html
Content-Length: 87
As you can see the Web server and version is identified on Port 80.
Now to download and install NeXpose (Non-commercial Community Version) a powerful vulnerability scanner from the same people (Rapid7) that bring us Metasploit.