5 - Vulnerability Analysis
Module 05 - Vulnerability Analysis
Nikto
nikto -h http://www.goodshopping.com -Tuning 1
Nessus
Nessus runs on https://localhost:8834
Username: admin
Password: password
Nessus -> Policies > Advanced scan
Discovery > Host Discovery > Turn off Ping the remote host
Port Scanning > check the Verify open TCP ports found by local port enumerators
Advanced
Max number of TCP sessions per host = unlimited
Max number of TCP sessions per scan = unlimited
Credentials > Windows > Username & Password
Save policy > Create new scan > User Defined
Enter name & Target
Schedule tab > Turn off Enabled
Select Launch from the Save drop-down.
Nmap
nmap -Pn --script vuln <Target_IP>
nmap -Pn -sCV <Target_IP>
Searchsploit
searchsploit "Linux Kernel"
searchsploit -m 7618
-> Copy the exploit to the current directory
searchsploit -p 7618[.c]
-> Show complete path
searchsploit --nmap file.xml
-> Search vulns inside an Nmap XML result