5 - Vulnerability Analysis

Module 05 - Vulnerability Analysis

What is Vulnerability Analysis

Vulnerability analysis, often referred to as vulnerability assessment or vulnerability scanning, is a systematic process of identifying, evaluating, and prioritizing security vulnerabilities within computer systems, networks, applications, and other IT environments. The goal of vulnerability analysis is to proactively discover and address weaknesses that could potentially be exploited by malicious actors. It is a fundamental component of cybersecurity and risk management.

Here are the key aspects of vulnerability analysis:

1. Identification: The first step in vulnerability analysis is to identify potential security vulnerabilities. This may involve using automated vulnerability scanning tools to scan systems and networks for known vulnerabilities. It can also include manual inspection of configurations, code, and system architecture.

2. Assessment: Once vulnerabilities are identified, they are assessed to determine their severity and potential impact on the security of the system or network. Vulnerabilities are typically categorized based on their risk level and the potential damage they could cause if exploited.

3. Prioritization: After assessing vulnerabilities, they are prioritized based on their severity and the risk they pose. Critical vulnerabilities that could lead to data breaches, system compromises, or service interruptions are typically addressed first. Prioritization helps organizations allocate resources effectively to mitigate the most significant risks.

4. Mitigation: Once vulnerabilities are prioritized, organizations take steps to remediate or mitigate the identified weaknesses. This can involve applying security patches, reconfiguring systems, updating software, enhancing security policies, or making architectural changes to improve security.

5. Continuous Monitoring: Vulnerability analysis is an ongoing process. New vulnerabilities can emerge, and the security landscape constantly evolves. Organizations must continually monitor their systems and networks for vulnerabilities and apply patches and updates as needed to maintain a strong security posture.

6. Compliance and Reporting: Many organizations are subject to regulatory requirements that mandate regular vulnerability assessments and reporting. Vulnerability analysis helps demonstrate compliance with these requirements and provides documentation for stakeholders, auditors, and management.

7. Penetration Testing: In addition to automated scanning and assessment, penetration testing (pen-testing) is another component of vulnerability analysis. Penetration testers attempt to exploit vulnerabilities in a controlled and ethical manner to validate their existence and gauge the extent of potential damage.

Nikto

• nikto -h http://www.goodshopping.com -Tuning 1

👽Nikto

Nessus

• Nessus runs on https://localhost:8834

  • Username: admin

  • Password: password

• Nessus -> Policies > Advanced scan

• Discovery > Host Discovery > Turn off Ping the remote host

• Port Scanning > check the Verify open TCP ports found by local port enumerators

• Advanced

  • Max number of TCP sessions per host and = unlimited

  • Max number of TCP sessions per scan = unlimited

• Credentials > Windows > Username & Password

• Save policy > Create new scan > User Defined

• Enter name & Target

• Schedule tab > Turn of Enabled

• Hit launch from drop-down of save.

Download Nessus

Nmap

• nmap -Pn --script vuln <Target_IP>

• nmap -Pn -sCV <Target_IP>

Searchsploit

• searchsploit “Linux Kernel”

• searchsploit -m 7618 -> Paste the exploit in the current directory

• searchsploit -p 7618[.c] -> Show complete path

• searchsploit — nmap file.xml -> Search vulns inside a Nmap XML result

Additional Resources

NVD - Vulnerabilities