Vulnerability Analysis and Vulnerability Assessment are the same but the difference is that in Vulnerability Analysis, the attacker finds the vulnerabilities to exploit while in Vulnerability Assessment, an Ethical Hacker does the Vulnerability Analysis to help the organization to find the vulnerabilities and fix them to protect the organization from cyber security attacks.
Category: Reconnaissance
Vulnerability Analysis
Vulnerability Analysis is the final sub-phase of Reconnaissance. During Vulnerability Analysis, the attacker discovers the various vulnerabilities in the victim system that can be used to gain access of the target and then exploit to attain the attack objective.
Footprinting
Footprinting is the process in which an attacker gathers information about the target (a person or organization). It is the initial sub-phase of Reconnaissance phase of a Cyber Security attack. Types of Footprinting Passive Footprinting is process of gathering information about target without direct contact with the target from Internet, Open Source Intelligence (OSIN), Social Network…
NetBIOS Enumeration
NetBIOS is a legacy API that was used for communication between systems on LAN. Each system had an unique NetBIOS name assigned to it. When a machine wanted to connect to other system, it would resolve the NetBIOS name of the target system to it’s corresponding IP address and then connect. NetBIOS had vulnerabilities and…
OS Discovery
In the Scanning sub phase of the Reconnaissance phase blog, we covered that in this phase, we gather information about the target. In the scanning process, we identify the active IP addresses on the network and active ports/services on each system. The next step is to identify the OS running the system. This process is…
Scanning
Scanning is part of the Reconnaissance phase where the attacker gathers information about a target. It is type of active reconnaissance during which the network and systems are scanned. In the scanning, the live systems (IP addresses) are found and then the active ports on a system are identified. Post which, OS type (Windows, Unix,…
Reconnaissance
Reconnaissance is the phase in which an attacker gathers information of the target to be attacked. The target can be a person or a system or an infrastructure. The following are the sub phases of Reconnaissance: