Enumerate your target, providing screenshots. Utilize Nikto. Utilize OWASP Zap.
Enumerate your target, providing screenshots. Utilize Nikto. Utilize OWASP Zap. Identify, compare, and contrast Nikto vs. OWASP ZAP. Identify and summarize CSRF. Identify and summarize XSS. Utilize Nessus. Explore at least 10 possible vulnerabilities identified. In the presentation, be sure to detail the following, using screenshots: Utilize flaw hypothesis methodology and provide a hypothesis based on your findings. Utilizing the tools outlined above, conduct a vulnerability analysis and mapping. Describe how you would apply the tools and techniques for identifying vulnerabilities. Apply techniques to trace a vulnerability to its root cause. Utilizing your knowledge of the vulnerabilities found, what attack vectors would you hypothesize using and why? Analyze the legal, ethical, and industry standards associated with vulnerability disclosure. What is your recommendation for when a vulnerability should be disclosed to the public? Why? Using your vulnerability scans as a base, select a vulnerability and provide a hypothesis as to how the vulnerability came into being. Research the vulnerability and briefly provide a summary of the root cause.
