CEH Scanning Methodology - Scan for Vulnerability
Vulnerability Scanning
- Vulnerability scanning identifies vulnerabilities and weaknesses of a system and network in order to determine how a system can be exploited.
- Network vulnerabilities
- Open ports and running services
- Application and services vulnerabilities
- Application and services configuration errors
Vulnerability Scanning Tool: Nessus
- Nessus is the vulnerability and configuration assessment product.
Vulnerability Scanning Tool: GFI LanGuard
- GFI LanGuard assists in asset inventory, change management, risk analysis, and proving compliance.
有自動上patch功能
Vulnerability Scanning Tool: Qualys FreeScan
- Scans computers and apps on the Internet or in your network.
- Tests websites and apps for OWASP Top Risks and malware.
雲端掃描
Network Vulnerability Scanners
- MBSA (Microsoft Baseline Security Analyzer)
- OpenVAS
- Nexpose