Ethical Hacking: Vulnerability Analysis

Manage risk by assessing vulnerabilities. Learn about the processes, methodologies, and tools you need to find and address weaknesses that attackers might exploit.

Introduction

• Managing risk
• Discovering resources
• Hacking ethically: Disclaimer

1. Managing Organizational Risk

• Risks threats and vulnerabilities
• Recognizing common vulnerabilities
• Classifying vulnerabilities
• Assessing vulnerabilities
• Vulnerability management life cycle
• Modeling threats
• Challenge: Threat modeling exercise
• Solution: Threat modeling exercise

2. Analyzing Vulnerabilities

• Common Vulnerability Scoring System
• Common vulnerabilities and exposures
• Outsourcing vulnerability analysis
• Bug bounty white hat hacking
• Challenge: The Temporal metric group
• Solution: The Temporal metric group

3. Vulnerability Assessment Tools

• Installing Kali Linux
• Assessment tools
• Nikto demo
• Securing mobile devices
• Fuzz testing

4. Defending the LAN

• LAN vulnerability scanners
• Scanning the LAN
• Selecting a vulnerability assessment tool
• Updates and patches
• Firewalls and HIDS
• Vulnerability assessment reports

Conclusion

• Next steps