WEBVTT

00:00.710 --> 00:07.190
The goal of passive and active reconnaissance is to identify an exploitable target.

00:07.310 --> 00:14.360
And the goal of vulnerability assessment is to find the security flaws that are most likely to support

00:14.360 --> 00:16.400
the testers or attackers objective.

00:16.430 --> 00:23.140
For example, when authorized access, denial of services or modification of data, the vulnerabilities

00:23.150 --> 00:29.780
assessment during the exploit phase of the kill chain focuses on creating the access to achieve the

00:29.780 --> 00:36.860
objective mapping of the vulnerabilities, to line up the exploits and maintain persistent access to

00:36.860 --> 00:37.670
the target.

00:37.700 --> 00:44.390
Thousands of exploitable vulnerabilities have been identified, and most are associated with at least

00:44.390 --> 00:49.760
one proof of concept code, file or technique to allow the system to be compromised.

00:49.790 --> 00:57.320
Nevertheless, the underlying principle that governs success are the same across networks, operating

00:57.320 --> 00:59.430
systems and applications.

00:59.480 --> 01:05.190
In this course, you will learn using online and local vulnerability resources.

01:05.190 --> 01:13.830
You will also learn writing your own Nmap script using the Nmap scripting engine, web and application

01:13.830 --> 01:15.870
specific scanners.

01:15.900 --> 01:19.110
You will also learn threat modeling in general.

01:21.180 --> 01:27.330
You will learn how to select and customize multiple vulnerability scanners.