Assessment Description: Automated scanners are often utilized to detail specific flaws and suggest corrective actions for networks. This lab will introduce you to three separate scanners to help ident

/ Art


Assessment Description:

Automated scanners are often utilized to detail specific flaws and suggest corrective actions for networks. This lab will introduce you to three separate scanners to help identify possible vulnerabilities within a system.View the “Lab 4 Your Second Hack Part 1 Lab” and “Nessus” videos within the “Video Playlist: Penetration Testing and Risk Management,” located in the topic Resources.This lab utilizes the Kioptrix 2 VM and your Kali to perform network enumeration, vulnerability scanning, and exploitation.

  • Enumerate your target, providing screenshots. (All screenshots are required to give a date and timestamp.)
  • Utilize Nikto.
  • Utilize OWASP Zaap. 
  • Identify, compare, and contrast Nikto vs. OWASP ZAP.
  • Identify and summarize CSRF.
  • Identify and summarize XSS.
  • Utilize Nessus.
  • Explore at least 10 possible vulnerabilities identified.

Create an 8- to 10-minute PowerPoint presentation with an embedded video. Show professionalism in your speech and appearance. Use an online video platform like Loom, YouTube, or Vimeo to upload your completed video. Ensure that others can access and view your linked video prior to submitting it to the LMS. In the video, be sure to detail the following, using screenshots:

  • Utilize flaw hypothesis methodology and provide a hypothesis based on your findings.
  • Utilizing the tools outlined above, conduct vulnerability analysis and mapping.
  • Describe how you would apply the tools and techniques for identifying vulnerabilities.
  • Apply techniques to trace a vulnerability to its root cause.
  • Utilizing your knowledge of the vulnerabilities found, what attack vectors would you hypothesize using and why?
  • Analyze the legal, ethical, and industry standards associated with vulnerability disclosure. What is your recommendation for when a vulnerability should be disclosed to the public? Why?
  • Using your vulnerability scans as a base, select a vulnerability and provide a hypothesis as to how the vulnerability came into being. Research the vulnerability and briefly provide a summary of the root cause.

APA style is not required, but solid academic writing is expected. This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.You are not required to submit this assignment to LopesWrite.