1
00:00:00,710 --> 00:00:07,190
The goal of passive and active reconnaissance is to identify an exploitable target.

2
00:00:07,310 --> 00:00:14,360
And the goal of vulnerability assessment is to find the security flaws that are most likely to support

3
00:00:14,360 --> 00:00:16,400
the testers or attackers objective.

4
00:00:16,430 --> 00:00:23,140
For example, when authorized access, denial of services or modification of data, the vulnerabilities

5
00:00:23,150 --> 00:00:29,780
assessment during the exploit phase of the kill chain focuses on creating the access to achieve the

6
00:00:29,780 --> 00:00:36,860
objective mapping of the vulnerabilities, to line up the exploits and maintain persistent access to

7
00:00:36,860 --> 00:00:37,670
the target.

8
00:00:37,700 --> 00:00:44,390
Thousands of exploitable vulnerabilities have been identified, and most are associated with at least

9
00:00:44,390 --> 00:00:49,760
one proof of concept code, file or technique to allow the system to be compromised.

10
00:00:49,790 --> 00:00:57,320
Nevertheless, the underlying principle that governs success are the same across networks, operating

11
00:00:57,320 --> 00:00:59,430
systems and applications.

12
00:00:59,480 --> 00:01:05,190
In this course, you will learn using online and local vulnerability resources.

13
00:01:05,190 --> 00:01:13,830
You will also learn writing your own Nmap script using the Nmap scripting engine, web and application

14
00:01:13,830 --> 00:01:15,870
specific scanners.

15
00:01:15,900 --> 00:01:19,110
You will also learn threat modeling in general.

16
00:01:21,180 --> 00:01:27,330
You will learn how to select and customize multiple vulnerability scanners.