Anyone have any good external pen testing tools that you’ve used on your self hosted setup? Mine is pretty secure overall but I would like to be able to scan the WAN for vulnerabilities or misconfigurations just to make sure I haven’t missed anything.
Check out openvas.
https://github.com/greenbone/openvas-scanner
I use Nessus professionally, they are somewhat similar. I can’t decide which one has the worse user interface.
Another +1 to openvas. Specifically, I have had much luck with this Dockerized version: https://github.com/immauss/openvas