- Vulnerability analysis is the next phase of Ethical hacking to identify the security holes or vulnerabilities in your system or network.
- A vulnerability assessment is a process of defining, identifying, classifying and prioritizing vulnerabilities in systems, network infrastructures, and applications
- Types:
- Active assessments : Which is the process to send request to the live network directly.
- Passive assessments : Which is the process discover vulnerabilities, open ports, and etc. without sending request the target hosts.
- External assessments : Here hackers use techniques to find vulnerabilities of system from outside.
- Internal assessments : Here hackers use techniques to find vulnerabilities of system from internally.
Vulnerability Assessment Life-Cycle
Vulnerability Analysis: Tools
- Nexpose
- Tripwire IP360
- Nessus Retina Network Security Scanner
- OpenVAS
- GFI LanGuard
- Qualys Freescan
- Aircrack
- Nikto Web Vulnerability Scanner
- Wireshark
