Finding Vulnerabilities

Uploaded by

hungnd24fpt

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

7 views

Finding Vulnerabilities

Uploaded by

hungnd24fpt

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 21

Finding Vulnerabilities

Contents
 Nessus

 Nmap scripting engine

 Metasploit

 Web application scanning

 Manual analysis
1. Nessus
Nessus
 Tenable Security’s Nessus is one of the most widely used commercial

vulnerability scanners, though many vendors provide comparable products

 Using TCP port 8834

 root@kali:~# service nessusd start

Nessus
Nessus
Nessus
Nessus
 Nessus ranks vulnerabilities based on the Common Vulnerability Scoring

System (CVSS), version 2, from the National Institute of Standards and

Technology (NIST). Ranking is calculated based on the impact to the
system if the issue is exploited
2. Nmap scripting engine
Nmap scripting engine
 The available scripts fall into several categories, including information

gathering, active vulnerability assessment, searches for signs of previous

compromises
Nmap scripting engine
 #nmap --script-help <ten_catelogy>
Nmap scripting engine
3. Metasploit
Metasploit scanner modules
 Metasploit can conduct vulnerability scanning via numerous auxiliary

modules. These modules will not give us control of the target machine, but
they will help us identify vulnerabilities for later exploitation
Metasploit exploit Check Functions
 Some Metasploit exploits include a check function that connects to a target

to see if it is vulnerable, rather than attempting to exploit a vulnerability

4. Web application scanning
Web application scanning
 Nikto
Web application scanning
 Acunetix Web Vulnerability Scanner
5. Manual analysis
Manual analysis
 Exploring a Strange Port
Manual analysis
 Finding Valid Usernames

Vulnerability Assessment
100% (2)
Vulnerability Assessment
22 pages
Lab #5
No ratings yet
Lab #5
3 pages
5. Vulnerabilities (EN)
No ratings yet
5. Vulnerabilities (EN)
21 pages
Materi 6 Vulnerability Assessment - V
No ratings yet
Materi 6 Vulnerability Assessment - V
42 pages
Lab 5: How To Identify Risks, Threats & Vulnerabilities in An It Infrastructure Using Zenmap Gui (Nmap) & Nessus® Reports
No ratings yet
Lab 5: How To Identify Risks, Threats & Vulnerabilities in An It Infrastructure Using Zenmap Gui (Nmap) & Nessus® Reports
3 pages
Lab5 Iaa202
No ratings yet
Lab5 Iaa202
5 pages
Vulnerability Analysis
No ratings yet
Vulnerability Analysis
11 pages
Lab5 IAA202
No ratings yet
Lab5 IAA202
4 pages
Lab 5
No ratings yet
Lab 5
4 pages
Hunting For Vulnerabilities Using Metasploit
No ratings yet
Hunting For Vulnerabilities Using Metasploit
12 pages
Practical 7
No ratings yet
Practical 7
5 pages
Nessus
No ratings yet
Nessus
7 pages
IS3110 LAB 5 Assesment Worksheet
100% (1)
IS3110 LAB 5 Assesment Worksheet
6 pages
Project 2 Implementing a Tenable Nessus Vulnerability Scanner
No ratings yet
Project 2 Implementing a Tenable Nessus Vulnerability Scanner
9 pages
Sunilkumar - Goleytamang Lab 3 22.07.2024
No ratings yet
Sunilkumar - Goleytamang Lab 3 22.07.2024
16 pages
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
From Everand
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
Devi Prasad
No ratings yet
Nessus Presentation Noah Berson
No ratings yet
Nessus Presentation Noah Berson
6 pages
5.vulnerability Analysis
100% (1)
5.vulnerability Analysis
18 pages
Lab5_LeHoangKhang_SE172991_IAA202_2025
No ratings yet
Lab5_LeHoangKhang_SE172991_IAA202_2025
2 pages
Dương Chí Hùng SE151235 Lab05
No ratings yet
Dương Chí Hùng SE151235 Lab05
3 pages
"Praktikum Vulnerabilities": (Cehv10 Modul 5)
No ratings yet
"Praktikum Vulnerabilities": (Cehv10 Modul 5)
23 pages
Experiment No. 5
No ratings yet
Experiment No. 5
9 pages
Nessus
No ratings yet
Nessus
23 pages
Lab5 IAA202 HoVietAn
No ratings yet
Lab5 IAA202 HoVietAn
2 pages
Intro Cyber Proj
No ratings yet
Intro Cyber Proj
13 pages
NESSUS Group #01 (004,042) IS Presentation
No ratings yet
NESSUS Group #01 (004,042) IS Presentation
24 pages
CEH Module 5
No ratings yet
CEH Module 5
39 pages
Raj Agrawal - Expt-5 - VAPT
No ratings yet
Raj Agrawal - Expt-5 - VAPT
9 pages
Nessus Professional Vulnerability Scanner Complete Vulnerability Coverage
No ratings yet
Nessus Professional Vulnerability Scanner Complete Vulnerability Coverage
2 pages
Lab #5: How To Identify Risks, Threats & Vulnerabilities in An It Infrastructure Using Zenmap Gui (Nmap) & Nessus® Reports
100% (1)
Lab #5: How To Identify Risks, Threats & Vulnerabilities in An It Infrastructure Using Zenmap Gui (Nmap) & Nessus® Reports
4 pages
IAA202 Lab5 SE140810
No ratings yet
IAA202 Lab5 SE140810
2 pages
Iaa202 - Lab 5
No ratings yet
Iaa202 - Lab 5
3 pages
Lab05 IAA202 HE181705 Nguyễn Xuân Phương
No ratings yet
Lab05 IAA202 HE181705 Nguyễn Xuân Phương
8 pages
Lab 5
No ratings yet
Lab 5
3 pages
Nessus Seminar
No ratings yet
Nessus Seminar
8 pages
Is Presentation[1]
No ratings yet
Is Presentation[1]
20 pages
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
From Everand
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
Dr. Hedaya Mahmood Alasooly
No ratings yet
NES 554 Computer Networks Defense Lab #4: Nessus
No ratings yet
NES 554 Computer Networks Defense Lab #4: Nessus
1 page
Nessus Datasheet
No ratings yet
Nessus Datasheet
2 pages
Penetration Testing Report
No ratings yet
Penetration Testing Report
25 pages
Data Sheet - Nessus Professional-Aug17
100% (1)
Data Sheet - Nessus Professional-Aug17
2 pages
EXP 2 PT
No ratings yet
EXP 2 PT
6 pages
Network Vulnerability Assessment Report
No ratings yet
Network Vulnerability Assessment Report
24 pages
Nessus Introduction
No ratings yet
Nessus Introduction
3 pages
CS Practical - 7
No ratings yet
CS Practical - 7
16 pages
Laboratory 5
No ratings yet
Laboratory 5
4 pages
Lab 7 - Vulnerability Assessment - Nessus
No ratings yet
Lab 7 - Vulnerability Assessment - Nessus
1 page
Vuln - Task 2
No ratings yet
Vuln - Task 2
4 pages
Cybersecurity
No ratings yet
Cybersecurity
7 pages
Evaluation of Some Windows and Linux Intrusion Detection Tools
From Everand
Evaluation of Some Windows and Linux Intrusion Detection Tools
Dr. Hidaia Mahmood Alassouli
No ratings yet
Overview of Some Windows and Linux Intrusion Detection Tools
From Everand
Overview of Some Windows and Linux Intrusion Detection Tools
Dr. Hidaia Mahmood Alassouli
No ratings yet
Lab 6- Vulnerability Analysis (1) (2)
No ratings yet
Lab 6- Vulnerability Analysis (1) (2)
5 pages
Vulnerability Assessment: Section 03 - Module 03
No ratings yet
Vulnerability Assessment: Section 03 - Module 03
35 pages
Metasploit Pro v4.11
No ratings yet
Metasploit Pro v4.11
188 pages
Penetration Testing
No ratings yet
Penetration Testing
15 pages
Evaluation of Some Windows and Linux Intrusion Detection Tools
From Everand
Evaluation of Some Windows and Linux Intrusion Detection Tools
Dr. Hedaya Alasooly
No ratings yet
23011103042_SSM_RECORD
No ratings yet
23011103042_SSM_RECORD
57 pages
Network Vulnerability Scanning: By:-Prachee Ratnaparkhi Msc-Ii, Roll - No. 17
No ratings yet
Network Vulnerability Scanning: By:-Prachee Ratnaparkhi Msc-Ii, Roll - No. 17
14 pages
Nessus
No ratings yet
Nessus
15 pages

Finding Vulnerabilities

Uploaded by

Finding Vulnerabilities

Uploaded by

Finding Vulnerabilities

 Nmap scripting engine

 Web application scanning

vulnerability scanners, though many vendors provide comparable products

 Using TCP port 8834

 root@kali:~# service nessusd start

System (CVSS), version 2, from the National Institute of Standards and

gathering, active vulnerability assessment, searches for signs of previous

to see if it is vulnerable, rather than attempting to exploit a vulnerability

You might also like