The access to this course is restricted to PenTest Premium or IT Pack Premium Subscription.

How to discover the weakness points in your system?

You will…
– master using Nessus which is one of the most popular automatic vulnerability scanner tools.
– learn how you can customize the scan according your target environment and how you can use the scan results to find the way to your target.
– learn how we can integrate between Nessus and metasploit to import the scan result into metasploit and finally.
– know how we can create different scan reports.
– apply what you learnt on a virtual lab environment. You will facing vulnerable software and operating system.


4CPE CREDICTS


The access to this course is restricted to PenTest Premium or IT Pack Premium Subscription


 

How to discover the weakness points in your system?


Pre-Course Material (Introduction)
=======
 
We will know the meaning of automatic vulnerability scanners.
We will learn how we can install Nessus for Windows and Linux operating systems.
We will know what it the meaning of Nessus plugins and how we can update the plugins online and offline.
1. Nessus Vulnearinbility Scanner
2. Installing Nessus for Windows and Linux
3. Updating Nessus Plugins online and offline
 
Exercises:
========
1. Installing Nessus for Windows
2. Installing Nessus for Linux
2. Updating Nessus Plugins online and offline
 
+ Video
 

Module.1
========

In this module we will discover the different scans policies and how we can create a police that suite our targets and choose the correct plugins to avoid false positive results and Denial of service.
We will run a scan against target machine and show how we can use the results to exploit our target and extracting scan reports.

1. Creating Scan Policy
2. Choosing Plugins for our scan
3. Analysing Scan results
4. Using the results to exploit the target
5. Extracting Nessus report
6. Import Report in metasploit for furthur usage

Exercises:

========

1. Creating different scan policies
2. Customize the scan plugings
3. Scan Windows7 and windows XP using Nessus
4. Analyse the scan results and find exploit to the findings
5. Exploit the target
6. Import the Scan into Metasploit
 

Module.2

========
 
Through this module we will discover how we can use Nessus to Audit Databases.
We will learn what is the meaning by PCI-DSS “Payment Card Industry” and how we can use Nessus make sure that we are following this standard.
1. Create policy for database auditing
2. Run scan against installed database
3. Use the scan result to find a way to login to our databse
4. Create PCI-DSS scan policy and run a scan against a real target
 
Exercises
=========
 
1. Create database auditing policy and run scan against installed database
2. Analyse the scan result and use some finding s to login to database
3. Create PCI-DSS policy and run a scan a against target machine

 
Module.3
=======
 
In this module we will face another interesting part in Nessus which is web application vulnerability assessment.
We will see how we can use Nessus to discover the flaws on our web application to secure them.
1. Host web applications on our website
2. Create web application scan Policy
3. Run scan against our web application
4. Analyse the scan results and find the flaws on our application
 
Exercises:
=========
1. Install Web application on a web server
2. Create scan policy and run scan against the previously installed web application
3. Analyse the scan result and discover the flaws

 
Module.4
========
 
In this module we will show another software for automatic vulnerability scanners (OpenVas) which can be found on Kali linux distro.
We will show how we can install this software and use it for running a scan against our target and analysing the report.
1. Configuring OpenVas on Kali linux
2. Running Scan against targets
3. Analysing the scan reports
4. Use the scan result for exploiting the machine
 
Exercises:
========
 
1. Installing OpenVas on Kali
2. Scan Some targets with  different operating System (Linux and Windows)

3. Analyse the scan result and find some exploit to these findings
 

Course Reviews

N.A

ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

TAKE THIS COURSE
  • Premium Subscription Only
  • UNLIMITED ACCESS
  • Course Certificate
707 STUDENTS ENROLLED

Certificate Code

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013