Vulnerability Assessment

Once we get to the Vulnerability Assessment stage, we analyze the results from our Information Gathering stage, looking for known vulnerabilities in the systems, applications, and various versions of each to discover possible attack vectors. Vulnerability assessment is the evaluation of potential vulnerabilities, both manually and through automated means. This is used to determine the threat level and the susceptibility of a target's network infrastructure to cyber-attacks.

Suggested search via: https://packetstormsecurity.com/search/?q=

Default Credentials
CVEs
Searchsploit
Existing POCs
Research

POST
http://tickets.keeper.htb/rt/NoAuth/Login.html?user=FUZZ_A&pass=FUZZ_B
FUZZ_A: /usr/share/seclists/Usernames/top-usernames-shortlist.txt
FUZZ_B: /usr/share/seclists/Passwords/Common-Credentials/worst-passwords-2017-top100-slashdata.txt

[Status: 200, Size: 4290, Words: 401, Lines: 153, Duration: 912ms]
    FUZZ_A: root
    FUZZ_B: password

PreviousInfo Gathering Nexta) Exploitation

Last updated 1 year ago

hashtagBrute forced username and password to login (also default credentials).

Brute forced username and password to login (also default credentials).