摘要:
Prioritization of vulnerabilities LEVERAGE INFORMATION Leveraging information to prepare for exploitation Map vulnerabilities to potential exploits Lo 阅读全文
摘要:
Nmap Timing and Performance Options Nmap cheat sheat https://www.stationx.net/nmap-cheat-sheet/ nmap -A -p 21 -T4 10.0.0.0/24 QUICK REVIEW Understand 阅读全文
摘要:
Target Considerations Given a scenario, perform a vulnerability scan. CONTRAINER Lightweight instance of a VM Runs on to of host OS Docker, Puppet, Va 阅读全文
摘要:
Openvas - Greenbone Security Manager Virtual Machine Download the image and installed a standalone Virtual Machine is a easier and faster method. Step 阅读全文
摘要:
OpenVAS(1) Official site: https://www.openvas.org/ https://github.com/greenbone/openvas/blob/master/INSTALL.md Install perquisites on Kali: https://ww 阅读全文
摘要:
Vulnerability Scanning VULNERABILITY SCAN Structured approach to examining targets to identify known weaknesses Many different types Determine if any 阅读全文
摘要:
Application and Open-Source Resources DECOMPILATION Complier - translates source code into executable instructions Decompiler - attempts to convert ex 阅读全文
摘要:
Packet Investigation PACKET INVESTIGATION Packet crafting Creating specific network packets to gather information or carry out attacks Tools - netcat, 阅读全文
摘要:
Scanning and Enumeration INFORMATION GATHERING Scanning Process of looking at some number of "things" to determine characteristics Commonly used in pe 阅读全文
摘要:
Scope Vulnerabilities SCHEDULING AND SCOPE CREEP Scheduling When can/should tests be run? Who should be notified? When must tests be completed? Scope 阅读全文