1
00:00:01,020 --> 00:00:07,140
Now, after we have performed the scanning on a target, the next step is to pull the liability assessment.

2
00:00:10,100 --> 00:00:15,350
Vulnerability assessment is a systematic review of security weaknesses in an information system.

3
00:00:15,890 --> 00:00:20,180
It evaluates the system is susceptible to any known vulnerabilities.

4
00:00:20,280 --> 00:00:25,640
Exercise different security levels to those vulnerabilities and recommends remediation or mitigation

5
00:00:25,640 --> 00:00:26,930
if and whenever needed.

6
00:00:28,000 --> 00:00:29,140
After the scan.

7
00:00:29,140 --> 00:00:34,720
We need to find vulnerabilities for each port and vulnerability assessment can help us to exploit the

8
00:00:34,720 --> 00:00:35,650
actual system.

9
00:00:37,430 --> 00:00:40,790
There are multiple tools available for vulnerability assessment.

10
00:00:41,510 --> 00:00:48,350
You're going to see to most use tools that supplied the simple command line utility in line X to search

11
00:00:48,350 --> 00:00:50,120
to exploit DV database.

12
00:00:50,780 --> 00:00:56,960
And Nessus is a remote security scanning tool which scans a computer, raises an alert if it discovers

13
00:00:56,960 --> 00:00:59,960
any vulnerabilities that malicious hacker could use.

14
00:01:00,380 --> 00:01:07,340
It is available for both Windows as well as Kali Systems, which is a paid tool, but it is the most

15
00:01:07,340 --> 00:01:09,800
widely used scanner on the market.

16
00:01:13,850 --> 00:01:16,850
Such logic comes preinstalled with nine x.

17
00:01:23,310 --> 00:01:27,210
To use such supply as simply run the scan and check for vulnerabilities.

18
00:01:27,360 --> 00:01:32,220
Use the command search deployed with the version number of the service running on system, and it will

19
00:01:32,220 --> 00:01:34,620
list all available as part of the version.

20
00:01:35,980 --> 00:01:37,360
Vanessa is a peer too.

21
00:01:37,390 --> 00:01:41,320
However, the trial version allows scanning up to 16 apps.

22
00:01:42,810 --> 00:01:45,970
When installing NASA's visit the official NASA's website.

23
00:01:45,990 --> 00:01:48,000
Download and install it.

24
00:01:50,020 --> 00:01:52,450
First to conduct a basic scan.

25
00:01:54,460 --> 00:01:55,570
You are Target.

26
00:01:55,600 --> 00:01:56,800
Let's start the scan.

27
00:01:58,890 --> 00:02:02,250
Nessus will scan the target and provide a complete report.

28
00:02:04,920 --> 00:02:05,220
No.

29
00:02:05,220 --> 00:02:06,990
Let's see the actual demonstration.

30
00:02:09,530 --> 00:02:16,790
So in the previous lecture, we have come to know that our target machine is using VTS ftp version 2.3.4.

31
00:02:22,030 --> 00:02:26,200
Just use the command, search it and give it the version number of the service.

32
00:02:27,160 --> 00:02:31,150
And you can see that it has provided us the list of all experts available.

33
00:02:33,110 --> 00:02:35,100
Including one that is available for us.

34
00:02:35,120 --> 00:02:35,660
Right?

35
00:02:40,150 --> 00:02:43,810
You could also check all experts of the voice activity service.

36
00:02:45,680 --> 00:02:50,120
And you can see that there are different experts available for different versions.

37
00:02:52,090 --> 00:02:52,270
No.

38
00:02:52,270 --> 00:02:56,110
Let's see the NEXUS scan once you've downloaded and sorted.

39
00:02:56,140 --> 00:02:57,370
Click on your scan.

40
00:02:58,720 --> 00:03:01,390
Invisibility scans lack basic network scan.

41
00:03:03,540 --> 00:03:06,150
Give it a name and provide the target IP.

42
00:03:09,850 --> 00:03:10,990
And save the skin.

43
00:03:14,190 --> 00:03:15,450
Not large the can.

44
00:03:21,080 --> 00:03:24,510
Nurses will scan the doctor for all available remedies.

45
00:03:24,560 --> 00:03:30,830
I provide a detailed report that can be used by hackers as well as security professionals to harden

46
00:03:30,830 --> 00:03:31,580
the target.

47
00:03:32,240 --> 00:03:37,670
Go to the vulnerabilities tab and you can see that it has 13 critical vulnerabilities available.

48
00:03:40,700 --> 00:03:45,050
Nurses also tell us if some exploit is available for that ability or not.

49
00:03:48,900 --> 00:03:54,390
If you browse, though, also indicated some information that it can collect about the target.

50
00:03:59,690 --> 00:04:02,630
I hope you like this lecture and see you in the next lecture.