Assignment 2 Nielit

Cyber security

Uploaded by

srsjnb

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

32 views

Assignment 2 Nielit

Cyber security

Uploaded by

srsjnb

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 5

ASSIGNMENT -2

Submitted By
Shubham Raj Satyam

Q. (1) What is vulnerability scan? How do you ensure the accuracy

of your scans?
Ans: Vulnerability scanning is an automated process that identifies
potential security weaknesses in systems, networks, and applications. It
scans for known vulnerabilities, misconfigurations, and other issues that
could be exploited by attackers
To ensure the accuracy of a vulnerability scan, you can:
Verify the scanner
Check the scanner's documentation to confirm it can check for security
issues in your organization's software and applications.
Compare results
Compare the scan results with other sources of information, such as logs,
reports, or manual tests.
Review the scan report
Check for false positives or false negatives that may skew the
interpretation of the results.
Validate against benchmarks
Assess the consistency of findings across different scans and validation
against known vulnerabilities or security benchmarks.

Q. (a) Do a Vulnerability Analysis on metaspoilatable?

Ans: Reconnaissance to gather preliminary information. Scanning and
enumeration to identify services and potential vulnerabilities. Detailed
analysis and exploitation of vulnerabilities . Documentation of each step,
findings, and recommendations for mitigation.
Q. (b) How to use Searchsploit in Kali Linux?
Searchsploit is a command-line utility for Kali Linux that allows users to
search the Exploit Database for potential vulnerabilities and exploits. It
is a handy tool for penetration testers and security researchers. Here’s a
step-by-step guide on how to use Searchsploit in Kali Linux:
1. Update Exploit-DB Repository
Before using Searchsploit, it’s good practice to update the local exploit
database to ensure you have the latest exploits.
sudo searchsploit -u
2. Basic Search
To perform a basic search, simply type searchsploit followed by your
search term.
searchsploit [search_term]
For example, to search for exploits related to "Apache":
searchsploit apache
3. Using Advanced Search Options
Searchsploit supports various options to refine your search:

Exact Matches Only (-e or --exact): Search for exact matches.

searchsploit -e apache
Case Sensitive Search (-s or --case-sensitive): Perform a case-sensitive
search.
searchsploit -s Apache
Exclude Non-Exploits (-x or --exclude): Exclude non-exploits like
shellcodes.
searchsploit -x apache
Search by EDB-ID (-j or --json): Output results in JSON format.
searchsploit -j apache
4. Viewing Exploit Details
To view details of a specific exploit, use the -p option followed by the
path or ID of the exploit.
searchsploit -p exploits/webservers/apache/httpd/40700.txt
5. Copy Exploit to Current Directory
To copy an exploit to your current working directory, use the -m option
followed by the path or ID of the exploit.
searchsploit -m 40700
6. Searching Using Multiple Keywords
You can search using multiple keywords by enclosing them in quotes.
searchsploit "apache buffer overflow"
7. Combining Options
You can combine various options to refine your search further.
searchsploit -s -e "apache 2.4"
8. Help and Documentation
For more options and detailed usage, you can refer to the help
documentation.
searchsploit -h
Q. (c) Explain any 5 Vulnerability Analysis Tools?
Ans: Burp Suite:A web vulnerability scanner that can check for
vulnerabilities like SQL injection, OS command injection, and cleartext
password submission. It also has a web application crawler that can
analyze applications and report on their volatile content.

Nmap
A vulnerability scanning tool that includes features like OS detection,
version detection, and flexible scripting. It can also integrate with other
security and management tools.

Netsparker
A vulnerability scanner tool that can find vulnerabilities in web
applications and websites, including standard vulnerabilities like SQL
injection and cross-site scripting. It's compatible with all languages.

Manageengine Vulnerability Manager Plus

A vulnerability scanning, compliance, and remediation tool that can
provide visibility into security risks like harmful software, web server
misconfigurations, and security misconfigurations.

Probely
A lesser-known but capable tool that continuously scans web
applications and can generate PCI-DSS and OWASP compliance
reports. If it finds a vulnerability, it can suggest remedial actions with
code snippets for developer.

Fourier Transform Tables
No ratings yet
Fourier Transform Tables
9 pages
Cyberpunk 2070 Fuzionpunk 1st Ed
94% (17)
Cyberpunk 2070 Fuzionpunk 1st Ed
157 pages
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
From Everand
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
Devi Prasad
No ratings yet
Lab 3 - Vulnerability Scanning and Exploitation Instructions_Mar 4
No ratings yet
Lab 3 - Vulnerability Scanning and Exploitation Instructions_Mar 4
5 pages
Offsec SearchSploit
No ratings yet
Offsec SearchSploit
17 pages
CEH Module 5
No ratings yet
CEH Module 5
39 pages
Vulnerability Analysis
No ratings yet
Vulnerability Analysis
11 pages
Hunting For Vulnerabilities Using Metasploit
No ratings yet
Hunting For Vulnerabilities Using Metasploit
12 pages
Unwrapping Tools
No ratings yet
Unwrapping Tools
12 pages
HOD401_SE170058_Phạm Minh Tuấn_LAB6
No ratings yet
HOD401_SE170058_Phạm Minh Tuấn_LAB6
17 pages
Lampsec ctf6 PDF
No ratings yet
Lampsec ctf6 PDF
50 pages
4.vulnerability scanning and assessment
No ratings yet
4.vulnerability scanning and assessment
11 pages
SW&L 19bcs2848 Exp8
No ratings yet
SW&L 19bcs2848 Exp8
3 pages
CS CH 2
No ratings yet
CS CH 2
51 pages
SW&L 19bcs2848 Exp7
No ratings yet
SW&L 19bcs2848 Exp7
5 pages
Hacking With Chat GPT
No ratings yet
Hacking With Chat GPT
3 pages
CS Unit-2 VJ
No ratings yet
CS Unit-2 VJ
35 pages
Fhbj
No ratings yet
Fhbj
63 pages
LEIDY ABC
No ratings yet
LEIDY ABC
4 pages
CS PPT 2
No ratings yet
CS PPT 2
51 pages
Security Scanning and Vulnerability Tool
No ratings yet
Security Scanning and Vulnerability Tool
14 pages
Lab4 IAM
No ratings yet
Lab4 IAM
3 pages
Network Vulnerability Scanning: By:-Prachee Ratnaparkhi Msc-Ii, Roll - No. 17
No ratings yet
Network Vulnerability Scanning: By:-Prachee Ratnaparkhi Msc-Ii, Roll - No. 17
14 pages
Nessus Lab Merged
No ratings yet
Nessus Lab Merged
37 pages
Nessus Lab
No ratings yet
Nessus Lab
32 pages
Lab5 IAA202 HoVietAn
No ratings yet
Lab5 IAA202 HoVietAn
2 pages
Kali Linux - Website Penetration Testing - Tutorialspoint
No ratings yet
Kali Linux - Website Penetration Testing - Tutorialspoint
23 pages
18 Vulnerability Analysis
No ratings yet
18 Vulnerability Analysis
96 pages
5. Vulnerabilities (EN)
No ratings yet
5. Vulnerabilities (EN)
21 pages
Experiment - 3: Advanced Cyber Security - 4028
No ratings yet
Experiment - 3: Advanced Cyber Security - 4028
12 pages
meghCS 1
No ratings yet
meghCS 1
45 pages
Mastering Nikto: A Comprehensive Guide to Web Vulnerability Scanning: Security Books
From Everand
Mastering Nikto: A Comprehensive Guide to Web Vulnerability Scanning: Security Books
Erwin Dirks
No ratings yet
Exploit Database SearchSploit Manual PDF
No ratings yet
Exploit Database SearchSploit Manual PDF
8 pages
Debugging Playbook: System Testing, Error Localization, And Vulnerability Remediation
From Everand
Debugging Playbook: System Testing, Error Localization, And Vulnerability Remediation
Rob Botwright
No ratings yet
EXP 2 PT
No ratings yet
EXP 2 PT
6 pages
5.vulnerability Analysis
100% (1)
5.vulnerability Analysis
18 pages
Security Tools Overview
100% (1)
Security Tools Overview
12 pages
Exploit Labs Short
No ratings yet
Exploit Labs Short
17 pages
Lab5_LeHoangKhang_SE172991_IAA202_2025
No ratings yet
Lab5_LeHoangKhang_SE172991_IAA202_2025
2 pages
Vulnerability Scanning
No ratings yet
Vulnerability Scanning
12 pages
Vulnerability Scanning
No ratings yet
Vulnerability Scanning
12 pages
Penetration Testing Report
No ratings yet
Penetration Testing Report
25 pages
Learning ParrotOS
From Everand
Learning ParrotOS
Arvin Destar
No ratings yet
Learning ParrotOS: Kickstart simple pentesting and ethical hacking techniques using cybersecurity operating system
From Everand
Learning ParrotOS: Kickstart simple pentesting and ethical hacking techniques using cybersecurity operating system
Arvin Destar
No ratings yet
Practical 7
No ratings yet
Practical 7
5 pages
Lab #5
No ratings yet
Lab #5
3 pages
Penetration Testing Print Version
No ratings yet
Penetration Testing Print Version
33 pages
Kali Linux, Ethical Hacking And Pen Testing For Beginners
From Everand
Kali Linux, Ethical Hacking And Pen Testing For Beginners
BHARAT NISHAD
No ratings yet
A Simple Penetration Testing Practice
No ratings yet
A Simple Penetration Testing Practice
10 pages
Laboratory 5
No ratings yet
Laboratory 5
4 pages
Metasploit Pro v4.11
No ratings yet
Metasploit Pro v4.11
188 pages
Rust In Practice, Second Edition
From Everand
Rust In Practice, Second Edition
Rick Tim
No ratings yet
Vaptqans
No ratings yet
Vaptqans
15 pages
Certified Penetration Testing Professional CPTP
No ratings yet
Certified Penetration Testing Professional CPTP
12 pages
Report PDF
No ratings yet
Report PDF
9 pages
Report PDF
No ratings yet
Report PDF
9 pages
Kali Linux
No ratings yet
Kali Linux
57 pages
Armitage Introduction Lab
No ratings yet
Armitage Introduction Lab
19 pages
Ethical Hacking Project Work
No ratings yet
Ethical Hacking Project Work
16 pages
Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer Networks
From Everand
Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer Networks
Dr. Hidaia Mahmood Alassouli
No ratings yet
Cyber security 2
No ratings yet
Cyber security 2
55 pages
Pentest+ Exam Pass: Penetration Testing And Vulnerability Management For Cybersecurity Professionals
From Everand
Pentest+ Exam Pass: Penetration Testing And Vulnerability Management For Cybersecurity Professionals
Rob Botwright
No ratings yet
User Manual For Updating Student Profile in Tummis
No ratings yet
User Manual For Updating Student Profile in Tummis
5 pages
Transport Layer Protocols For Ad-Hoc Networks
No ratings yet
Transport Layer Protocols For Ad-Hoc Networks
29 pages
Configuring BIG-IP APM Access Policy Manager: Training Goals
No ratings yet
Configuring BIG-IP APM Access Policy Manager: Training Goals
5 pages
Download Soft Computing for Problem Solving SocProS 2017 Volume 2 Jagdish Chand Bansal ebook All Chapters PDF
100% (1)
Download Soft Computing for Problem Solving SocProS 2017 Volume 2 Jagdish Chand Bansal ebook All Chapters PDF
55 pages
DS3 - Removing - Refitting Alternator
No ratings yet
DS3 - Removing - Refitting Alternator
5 pages
REXX and SAMPLE
100% (1)
REXX and SAMPLE
15 pages
catalog_TURCK-MS24-112-R-datasheet
No ratings yet
catalog_TURCK-MS24-112-R-datasheet
2 pages
From Web
No ratings yet
From Web
34 pages
Deadlock: Deadlock Can Arise If Following Four Conditions Hold Simultaneously (Necessary Conditions)
No ratings yet
Deadlock: Deadlock Can Arise If Following Four Conditions Hold Simultaneously (Necessary Conditions)
17 pages
Hall Ticket
No ratings yet
Hall Ticket
4 pages
United Nations Development Programme Personal History Form (For Service Contracts and Special Services Agreements)
No ratings yet
United Nations Development Programme Personal History Form (For Service Contracts and Special Services Agreements)
5 pages
Detailed Lesson Plan
No ratings yet
Detailed Lesson Plan
5 pages
ELX 218 Lab 1 Feb2012 Labmanual
No ratings yet
ELX 218 Lab 1 Feb2012 Labmanual
16 pages
All - Turbos, Flyin' Miata Turbo Installation
100% (1)
All - Turbos, Flyin' Miata Turbo Installation
46 pages
CHPT 2
No ratings yet
CHPT 2
16 pages
Oct-Nov-2024 - C S Instructions & QPDS User Manual
No ratings yet
Oct-Nov-2024 - C S Instructions & QPDS User Manual
70 pages
Lecture 1 - Getting Started
No ratings yet
Lecture 1 - Getting Started
7 pages
final-dsal-lab-manual-2023-24-sem-ii
No ratings yet
final-dsal-lab-manual-2023-24-sem-ii
39 pages
Kubernetes + Docker
No ratings yet
Kubernetes + Docker
21 pages
Lecture 25 BSC II
0% (1)
Lecture 25 BSC II
6 pages
MPR63 - Ortak - Kullanma - Talimati - 1 - 21sh - Ing v.1
No ratings yet
MPR63 - Ortak - Kullanma - Talimati - 1 - 21sh - Ing v.1
12 pages
WA-5000 ASSEMBLY AND PARTS LIST - Nitto Kohki USA
No ratings yet
WA-5000 ASSEMBLY AND PARTS LIST - Nitto Kohki USA
2 pages
MX3 Math Reviewer
No ratings yet
MX3 Math Reviewer
24 pages
Ideal Remote Sensing System
No ratings yet
Ideal Remote Sensing System
4 pages
24-Data Path-28-02-2023
No ratings yet
24-Data Path-28-02-2023
16 pages
Radiator: User's Guide Tube Mix Channel
No ratings yet
Radiator: User's Guide Tube Mix Channel
11 pages
System Verilog Overview-Ibm
No ratings yet
System Verilog Overview-Ibm
56 pages
Dynamips I7 Log
No ratings yet
Dynamips I7 Log
1 page