The commercial value of web applications has significantly increased in recent years. They progressed from simple information-sharing platforms to more sophisticated business applications. Web-based apps, unlike most other technologies, are always accessible from anywhere in the world. This makes them ideal targets for malevolent cyberattacks. Scanners can identify and mitigate an organization’s vulnerabilities. However, without a thorough awareness of a system’s weaknesses, it would be difficult to undertake effective network defense in order to keep intruders out in the real world. As a result, vulnerability scanning is an important part of a cybersecurity curriculum’s success. In this paper, we’ll look at the present state of open-source vulnerability scanning technologies. A literature review of vulnerability assessment and reporting, vulnerability scanning, vulnerability scanning technologies, security vulnerabilities, system and application security, and malicious cyber-attacks reveals that a lot of work is being done in this area. This research provides an in-depth examination of vulnerability scanning technologies. In this paper, we covered two important topics: vulnerability scanning and reporting. Then, after identifying gaps in relevant practices and presenting chosen findings, we emphasize future directions and bring this study to a conclusion. The top open-source network vulnerability scanning tools are described in detail.