Professional Documents
Culture Documents
Raj Agrawal - Expt-2 - VAPT
Raj Agrawal - Expt-2 - VAPT
1. Web Penetration Testing with Kali Linux, Joseph Muniz, Aamir Lakhani, Packt Publishing, 2013.
2. Hacking Exposed 7: Network Security Secrets and Solutions, George Kurtz, Joel Scambray, and
Stuart McClure, McGraw Hill, 2012.
Introduction:
1. Nmap
With Nmap, security professionals can find live hosts on a network and perform port scanning. This
app is helpful for many reasons such as identifying open ports which are vulnerable to attack by
hackers, or finding the operating system in use so that vulnerabilities may be exploited.
2. Metasploit
The Metasploit framework is a powerful tool for cybersecurity professionals while conducting
information-gathering tasks. What makes it unique is the fact that it is very easy to use. It can be used
by both ethical hackers and cybercriminals to identify vulnerabilities on networks and servers.
It allows testers to scan systems for vulnerabilities, conduct network reconnaissance, launch exploits,
and more. Exploit modules—allow testers to target a specific, known vulnerability. Metasploit has a
large number of exploit modules, including buffer overflow and SQL injection exploits.
3. Wireshark
Wireshark is one of the most well-known and often used packet sniffing tools available today. It is
used by cybersecurity professionals, network administrators and hackers to collect information from
networks. Network packets contain a wealth of information, and Wireshark captures this data for
later analysis. Learning how to use Wireshark is essential if you wish to conduct information gathering
on a network.
Wireshark is a network protocol analyzer, or an application that captures packets from a network
connection, such as from your computer to your home office or the internet. Packet is the name
given to a discrete unit of data in a typical Ethernet network. Wireshark is the most often-used packet
sniffer in the world.
Implementation details:
1. Nmap
2. Metasploitable
3. Wireshark
Conclusion: Explored various tools that are used for information gathering and also performed basic
reconnaissance.