intTypePromotion=1
zunia.vn Tuyển sinh 2024 dành cho Gen-Z zunia.vn zunia.vn
ADSENSE
 » 
 » 

Lecture Penetration testing: Finding vulnerabilities

Chia sẻ: _ _ | Ngày: | Loại File: PDF | Số trang:21

Thêm vào BST
Báo xấu
14
lượt xem 5
download
 
  Download Vui lòng tải xuống để xem tài liệu đầy đủ

Lecture "Penetration testing: Finding vulnerabilities" provide students with knowledge about: Nmap scripting engine; Web application scanning; Metasploit; Manual analysis. Please refer to the detailed content of the lecture!

Chủ đề:

Bình luận(0) Đăng nhập để gửi bình luận!

Lưu

Nội dung Text: Lecture Penetration testing: Finding vulnerabilities

  1. Finding Vulnerabilities
  2. Contents  Nessus  Nmap scripting engine  Metasploit  Web application scanning  Manual analysis
  3. 1. Nessus
  4. Nessus  Tenable Security’s Nessus is one of the most widely used commercial vulnerability scanners, though many vendors provide comparable products  Using TCP port 8834  root@kali:~# service nessusd start
  5. Nessus
  6. Nessus
  7. Nessus
  8. Nessus  Nessus ranks vulnerabilities based on the Common Vulnerability Scoring System (CVSS), version 2, from the National Institute of Standards and Technology (NIST). Ranking is calculated based on the impact to the system if the issue is exploited
  9. 2. Nmap scripting engine
  10. Nmap scripting engine  The available scripts fall into several categories, including information gathering, active vulnerability assessment, searches for signs of previous compromises
  11. Nmap scripting engine  #nmap --script-help
  12. Nmap scripting engine
  13. 3. Metasploit
  14. Metasploit scanner modules  Metasploit can conduct vulnerability scanning via numerous auxiliary modules. These modules will not give us control of the target machine, but they will help us identify vulnerabilities for later exploitation
  15. Metasploit exploit Check Functions  Some Metasploit exploits include a check function that connects to a target to see if it is vulnerable, rather than attempting to exploit a vulnerability
  16. 4. Web application scanning
  17. Web application scanning  Nikto
  18. Web application scanning  Acunetix Web Vulnerability Scanner
  19. 5. Manual analysis
  20. Manual analysis  Exploring a Strange Port
ADSENSE

CÓ THỂ BẠN MUỐN DOWNLOAD

THÔNG TIN
TRỢ GIÚP
HỖ TRỢ KHÁCH HÀNG
Theo dõi chúng tôi

Chịu trách nhiệm nội dung:

Nguyễn Công Hà - Giám đốc Công ty TNHH TÀI LIỆU TRỰC TUYẾN VI NA

LIÊN HỆ

Địa chỉ: P402, 54A Nơ Trang Long, Phường 14, Q.Bình Thạnh, TP.HCM

Hotline: 093 303 0098

Email: support@tailieu.vn

Giấy phép Mạng Xã Hội số: 670/GP-BTTTT cấp ngày 30/11/2015 Copyright © 2022-2032 TaiLieu.VN. All rights reserved.

 

Đồng bộ tài khoản
2=>2