Vulnerability Assessment
Fundamentals
Overview
Identify and prioritize vulnerabilities using automated scanners and manual testing.
0
Exercises
1
Flashcards
1
Mind Maps
Cheatsheet
Nmap Vuln Scripts
nmap --script vuln 10.10.10.5 # Run all NSE vulnerability scripts
Searchsploit
searchsploit apache 2.4 # Search for exploits locally searchsploit -m 12345 # Mirror/copy exploit to current dir
Manual Checks
- Check service versions against CVE databases
- Test for default credentials
- Look for misconfigurations
Command Examples
Common Pitfalls
- Relying only on automated scanners
- Not verifying scanner results
Exam Survival Tips
- Note all version numbers
- Cross-reference with exploit-db