Summary
In this chapter, we focused on multiple vulnerability assessment tools and techniques. We learned how to write our own vulnerability script for Nmap using NSE, and how to use a tool that can convert the findings from active reconnaissance into a defined action that establishes access for the tester to the target. We also learned how to install the OpenVAS, Nessus, and Nexpose vulnerability scanners on Kali Linux and utilize the community edition of Qualys in the cloud.
Kali provides several tools to facilitate the development, selection, and activation of exploits, including the internal exploit-db (searchsploit), as well as several frameworks that simplify the use and management of exploits. We also explored the application-specific WordPress security scanner (WPScan) and discussed the basic principles of threat modeling. Additionally, we learned how to create a threat DFD using pytm, which helps penetration testers identify most entry points and infiltrate a web...