121
Chapter 5
Vulnerability Assessment
Now that we have information on open ports, services, service version, and operating system of
our target host/network, we will look for its potential vulnerabilities (weaknesses) in order to get
one step closer into compromising our target (dealt with in the next chapter).
Nessus vulnerability scanner would be the prime focus of this chapter as it is one of the oldest
and best vulnerability scanners in the market. We will also see its integration with Metasploit and
how Nessus could be used within Metasploit to perform vulnerability assessment more effectively.
Apart from that, we will also take a look at another vulnerability scanner “OpenVAS,” which is
not as powerful as nessus, but is worth mentioning.
We will also take a look at
nmap’s scripting engine
, which is a built-in feature inside nmap and
can also be used for scanning different kinds of vulnerabilities. It is not as powerful as nessus as it
includes very few plug-ins, but it can still be used to detect vulnerable hosts on a target network.
So let’s start from the basics.
Dostları ilə paylaş: