One of the objectives of this chapter was to learn about the modules that allow us to connect with vulnerability scanners such as nessus and nexpose. We reviewed some definitions about vulnerabilities and exploits. After having obtained the services, ports, and operating system, among other elements, a search must be made of the their vulnerabilities in the different databases, which are available on the internet. However, there are also several tools that allow you to perform vulnerability scans automatically, such as Nessus and Nexpose.
In the next chapter, we will explore identifying server vulnerabilities in web applications with tools such as w3a and fsqlmap for detecting SQL vulnerabilities, and other tools for identifying server vulnerabilities such as ssl and heartbleed.