🐞 Vulnerability Analysis
Vulnerability analysis is the process of identifying and evaluating vulnerabilities in a target’s systems and applications.
Scoring systems
Section titled “Scoring systems”Vulnerability scoring systems are used to assign a score to a vulnerability based on its severity and impact.
CWE (Common Weakness Enumeration) CWE is a community-developed list of software and hardware weakness types.
CVE (Common Vulnerabilities and Exposures) CVE is a list of publicly disclosed cybersecurity vulnerabilities and exposures.
NVD (National Vulnerability Database) NVD is a U.S. government repository of publicly available vulnerability management data.
Vulnerability scanners
Section titled “Vulnerability scanners”Vulnerability scanners are tools used to identify vulnerabilities in a target’s systems and applications.
OpenVAS (Open Vulnerability Assessment System) OpenVAS is a free and open-source vulnerability scanner.
Nessus Nessus is a proprietary vulnerability scanner developed by Tenable.
GFI LanGuard GFI LanGuard is a network security scanner and patch management solution.
Nikto Nikto is an open-source web server scanner.