# Can we find out Web application vulnearabilities at code level using Zenmap? if so How?

I was wondering if we could perform --script --vuln scan on the websites to find out vulnerabilities relating to the applications code level, may be that feature is not implemented to the tool yet, and are you trying for that implementation, a heads up would be appreciated.

##### Post Metadata
- Posted at: about 7 years ago
- Author title: Certified Ethical Hacker | Information Security Consultant at Digital Age Strategies Pvt Ltd
- Net upvotes: 1


## Comments
### Comment 1

Zenmap is not a Web app vulnerability scanner. With Zenmap you can do network level vulnerability scanning on your web server (check for open ports and such), but it will tell you nothing about your web app. For Web vulerability scanning I would recommend either the Nikto (open source) or Burp Suite (propietary) vulnerability scanners.

You could implement your own Web scanning with Zenmap using it&#39;s scripting engine, but considering that there are vulnerability scanners for the Web already available it may be more trouble than it&#39;s worth.

##### Comment Metadata
- Posted at: almost 7 years ago
- Author title: Instructor Professor at Universidad Central de Venezuela
- Net upvotes: 1



## Related Product
[Zenmap](https://www.g2.com/products/zenmap/reviews)

## Related Category
[Vulnerability Scanner](https://www.g2.com/categories/vulnerability-scanner)

## Related discussions
- [How well does Trello scale into a larger team?](https://www.g2.com/discussions/1-how-well-does-trello-scale-into-a-larger-team)
  - Posted at: about 13 years ago
  - Comments: 6
- [Can we please add a new section](https://www.g2.com/discussions/2-can-we-please-add-a-new-section)
  - Posted at: about 13 years ago
  - Comments: 0
- [Quantifiable benefits from implementing your CRM](https://www.g2.com/discussions/quantifiable-benefits-from-implementing-your-crm)
  - Posted at: about 13 years ago
  - Comments: 4


