CHAPTER 10. Vulnerability Identification
Introduction
Долг долга платит. – Russian proverb: “One ill turn deserves another.”
In this chapter, we examine systems closer than we did during the Information Gathering phase; in the previous phase of the penetration test, we collected data on operating systems (OSes), Internet Protocol (IP) addresses, application data, and more from sources on the Internet. During the Vulnerability Identification phase, we will use this information to shape our probes and communicate directly with the targets with the intent of identifying potential threats and vulnerabilities.
To understand what types of vulnerabilities exist on a target system, we need to know specifics about the OS, what services ...
Get Professional Penetration Testing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.