CEH Practical Guide
  • Certified Ethical Hacker (CEH v12 and CEH V13) Practical Guide: Complete Study Resources & Tips
  • Module 2. Footprinting and Reconnaissance
    • 1. Footprinting through Search Engines
    • 2. Perform Footprinting Through Internet Research Services
    • 3. Footprinting through Social Networking sites
    • 4. Website Footprinting
    • 5. WHOIS Footprinting
    • 6. DNS Footprinting
    • 7. Network footprinting
    • 8. Email Footprinting
    • 9. Footprinting using footprinting tools
    • 10. Perform Footprinting using AI
  • Module 3. Scanning Networks
    • 1. Host Discovery
    • 2. Port and Service Discovery
    • 3. Perform OS Discovery
    • 4. Scan beyond Firewalls and IDS
    • 5. Network scanning using various tools
    • 6. Perform Network Scanning using AI
  • Module 4. Enumeration
    • 1. Netbios Enumeration (Port 137)
    • 2. SNMP Enumeration (Port 161,162)
    • 3. LDAP Enumeration (Port 389)
    • 4. NFS Enumeration
    • 5. DNS Enumeration
    • 6. SMTP Enumeration
    • 7. RPC, SMB and FTP Enumeration
    • 8. Enumeration using various tools
    • 9. Perform Enumeration using AI
  • Module 5. Vulnerability Assessment
    • 1. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases
    • 2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
    • 3. Perform Vulnerability Analysis using AI
  • Module 6. System Hacking
    • 1. Gain access to the system
    • 2. Privilege Escalation
    • 3. Maintain Remote Access and Hide Malicious Activities
    • 4. Clear Logs to hide the Evidence of Compromise
    • 5. Active Directory (AD) Attacks
  • Module 7. Malware Threats
    • 1. Gain access to systems with Trojans
    • 2. Infect the system using Virus
    • 3. Perform Static Malware Analysis
    • 4. Perform Dynamic Malware Analysis
  • Module 8. Sniffing
    • 1. Perform Active Sniffing
    • 2. Perform Network Sniffing using Various Sniffing Tools
    • 3. Detect Network Sniffing
  • Module 9. Social Engineering
    • 1. Perform Social Engineering using tools
    • 2. Detect a Phishing attack
    • 3. Audit Organization security for phishing attacks
    • 4. Social Engineering using AI
  • Module 10. Denial of Service
    • 1. Perform DOS and DDOS with various techniques
    • 2. Detect and Protect DOS and DDOS attacks
  • Module 11. Session Hijacking
    • 1. Perform Session Hijacking
    • 2. Detect Session Hijacking
  • Module 12. Evading IDS, antivirus and Honeypots
    • 1. Intrusion Detection using various tools
    • 2. Evade Firewall using Evasion Techniques
  • Module 13. Hacking Web Servers
    • 1. Footprint the Webserver
    • 2. Perform Webserver attacks
    • 3. Perform a Web Server Hacking using AI
  • Module 14. Hacking Web Applications
    • 1. Footprint the Web Infrastructure
    • 2. Perform Web applications Attacks
    • 3. Detect Web Vulnerabilities using using web application security tools
    • 4. Perform Web Application Hacking using AI
  • Module 15. SQL Injection
    • 1. Perform SQL Injection attacks
    • 2. Detect SQL Vulnerabilities using different tool
    • 3. Perform SQL Injection using AI
  • Module 16. Hacking Wireless Networks
    • 1. Footprint a wireless Network
    • 2. Perform Wireless Traffic Analysis
    • 3. Perform Wireless Attacks
  • Module 17. Hacking Mobile Platforms
    • 1. Hack Android Devices
    • 2. Secure Android Device
  • Module 18. IoT and OT Hacking
    • 1. Footprinting IoT and OT devices
    • 2. Capture and Analyze IoT traffic
    • 3. Perform IoT Attacks
  • Module 19. Cloud Computing
    • 1. Perform Reconnaissance on Azure
    • 2. S3 Bucket Enumeration
    • 3. Exploit S3 buckets
    • 4. Perform Privilege Escalation to Gain Higher Privileges
    • 5. Perform Vulnerability Assessment on Docker Images
  • Module 20. Cryptography
    • 1. Encrypt the Information using Various Cryptography Tools
    • 2. Create a self signed Certificate
    • 3. Perform Disk Encryption
    • 4. Cryptanalysis Using different tools
    • 5. Perform Cryptography using AI
  • Tips for exams
  • Additional Resources
Powered by GitBook
On this page
  • 1. Vulnerability assessment using openVAS
  • 2. Vulnerability assessment using Nessus
  • 3. Vulnerability assessment using GFI LanGuard
  • 4. Nikto scanner

Was this helpful?

  1. Module 5. Vulnerability Assessment

2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools

A vulnerability assessment is an in-depth examination of the ability of a system or application, including current security procedures and controls, to withstand exploitation.

Previous1. Perform Vulnerability Research with Vulnerability Scoring Systems and DatabasesNext3. Perform Vulnerability Analysis using AI

Last updated 6 months ago

Was this helpful?

1. Vulnerability assessment using openVAS

Run the following command to load the openVAS docker.

docker run -d -p 443:443 –-name openvas mikesplain/openvas

In a browser , go to https://127.0.0.1/. OpenVAS login page appears, log in with admin/admin.

  1. Navigate to Scans --> Tasks from the Menu bar.

    If a Welcome to the scan task management! pop-up appears, close it.

  2. Hover over wand icon and click the Task Wizard option.

  3. The Task Wizard window appears; enter the target IP address in the IP address or hostname field (here, the target system is Windows Server 2022 [10.10.1.22]) and click the Start Scan button.

  4. The task appears under the Tasks section; OpenVAS starts scanning the target IP address.

  5. Wait for the Status to change from Requested to Done. Once it is completed, click the Done button under the Status column to view the vulnerabilities found in the target system.

    It takes approximately 20 minutes for the scan to complete.

    If you are logged out of the session then login again using credentials admin/admin.

  6. Report: Results appear, displaying the discovered vulnerabilities along with their severity and port numbers on which they are running.

    The results might differ when you perform this task.

  7. Click on any vulnerability under the Vulnerability column to view its detailed information.

  8. Detailed information regarding selected vulnerability appears, as shown in the screenshot.

  9. Similarly, you can check other Reports by hovering over the Report: Results section to view other Reports regarding the vulnerabilities in the target system.

2. Vulnerability assessment using Nessus

Paid tool, industry standard.

3. Vulnerability assessment using GFI LanGuard

Windows tool

4. Nikto scanner

Nikto help

nikto -H

start the scan

nikto -h islamabadtrafficpolice.gov.pk -Tuning x

-h specifies the targer

-Tuning scan perimenters, x specifies run all scans against the target

Finding cgi directories

nikto -h certifiedhacker.com -Cgidirs all

saving the scan

nikto -h certifiedhacker.com -o result -F txt

-o filename where result will be saved

-F file type

Nessus Product FamilyTenable®
GFI LanGuard
Logo
Certified Ethical Hacker (CEHv12) Practical hands on LabsUdemy
Logo
Logo