Hey, everyone, welcome back to the course. So in the last video, we talked about the Vulnerability Management Life Cycle and this video. We're to talk about some different tools around vulnerabilities, so we'll talk about some tools. I want to mention that it's not an endorsement of these tools. And then we're going to talk about the basic types of vulnerability assessment tools,
and we'll also talk through
CVS, SCV E and N V. D. So actually learned what those will stand for in this particular video.
So let's talk through a different types of vulnerability assessment tools. So we have host based. This one's pretty self explanatory that's gonna run on your particular host computer or host system. And this one basically helps us identify
one operating system. Are you using? And what kinds of vulnerabilities are for that operating system?
Ah, scope is gonna be basically
also testing for ah, vulnerabilities in the operating systems as well as general applications.
The depth type of assessment tool
is gonna look for unknown, previously unknown vulnerability. So these air things like your fuzzing tools
where you're in funding, is really kind of an art, and it's more and more advanced topic. But basically, um, it's that death is that type of tool where we're looking at the actual code and trying to see if we can find vulnerabilities.
So it's more V. Generally speaking, it's more of a static type of process We're looking at the actual code versus is trying to run the code and see what happens.
We got application layer. This one's normally where we're focused more on the Web servers or like the databases. So that's what we're talking about. The application layer tools
active vs passive scanning, again active scanners, air actually
checking vory systems, etcetera that are consuming resource is on the network, so they're doing the vulnerable vulnerability scanning against those
and then passes. Scanners don't really have a an impact like actor scanners do, like on your network, right? So it's not gonna eat up. A lot of resource is,
but you could still find some general information about what's going on in the system.
So let's talk about CVS SCV e N v. D. You might have heard some of this terminology
in like the media, especially round if they're like, Hey, you need to release Microsoft to release a patch for see ve Ah, you know, 5000 and 8.6 or one it right.
What we're basically talking about here is the CVS s is a common vulnerability scoring system.
So that's basically the CVS s basically of this gives us an unopened framework, right? It allows us to to see some characteristics or communicate care characteristics and the actual impact of different vulnerabilities that are out there or that we're finding out there. They've got a rating. Systems basically goes from zero, which is like
no severity whatsoever. For obvious reasons. It zero
and then it goes up to 10 for the critical. So basically, goods from none, nothing's going on first versus 10 and being the most critical.
And this is really good because it also explains, like, what are some of the underlying characteristics that caused that score to be the score? Right. So it's a really good resource for you to learn about vulnerabilities and learn about
how it's rated on severity what kind of impact a certain vulnerability can have. So it's a really good resource to go to so again, common vulnerabilities scoring system or C v ss, and then see Visa, common vulnerabilities and exposures again. These are the things that you're going to see when you
hear about like a patch for Microsoft Windows or you go update software. Ah, like on your iPhone or something it might see
updating four CV Whatever, right. I'm usually you see that when you're updating like Windows software, but that's what we're talking about there. It's common vulnerabilities and exposures,
and essentially, it's a
for lack of better words. A dictionary, right? It's a dictionary of,
um, certain identifiers around, like common vulnerabilities that we see or exposures. And it really it's more
more around, like the public lee known types of things, right? That's why you see CV, whatever. And then Microsoft releases a patch for it. So it's known stuff. So the C V database isn't going toe have, like zero day attacks. So attacks that people are just finding that haven't been
publicly known in some capacity. It's not gonna have those usually. So it's just gonna be things that are publicly known and then envy D is just the National Vulnerability database.
This includes. This got a lot of resources, so I think the others database of security checklist that you can reference there's listings of, like various software flaws or vulnerabilities. There's information about Miss Configurations,
different product names that are affected. Maybe there's a router or something that's that's vulnerable. And then what kind of like impact right where that what's the actual impact that that type of vulnerability has been having across the board? So I want to stress that envy D is a U. S government kind of sponsored thing,
her agency. So just keep that in mind, depending on where you are in the world, listen to this
humane or may not be able to get access to that to just gonna be mindful of that.
So let's talk through some some common tools that are in use again. This is not an endorsement
on this is definitely not an exhaustive list. There's a lot of different tools out. There s own esus professional version. There's a free version, but the professional version is one. I know a lot of organizations using, along with quality as well. Many of the organization's I'm familiar with are using multiple,
applications to run vulnerability scans because you can't just trust one right, you need multiple resource is to use. Nick Dough
is for the Web, so websites basically you see those vulnerabilities on Web servers. Web applications
open. Voss is another popular one is free s. So it's a really popular one for people that are trying to learn a little bit more about vulnerability. Scanning. In fact, in our labs, you're gonna be using open Voss. You also bees in another one called core impact
to practice some hands on skills.
So just another quick quiz question for you.
CV provides a list of product names, software flaws and impact metrics. Is that true or false?
All right, we know that's false. Right again, the, uh, the Envy D the National Vulnerability Database. That's the one that provides that list of product names that were affected. Various software flaws and vulnerabilities, impact metrics and a ton of other resource is that will be very beneficial to you as you're learning.
So in this video, we just covered vulnerability assessment tools Again, we talked about some of the types of tools that we talked about. Some of the common one said you might see out there in the industry. We also talked through CVS SCV e and N V D
in the next module. As I mentioned before, module to is gonna be hands on. So and the next couple of videos you're gonna notice that I'll walk you through the 1st 2 labs and then I'll sort of set you free for lack of better words, and you'll be able to go through the lapse on your own. I will have an overview video where I just kind of talk about like,
hey, this lapse, gonna You're gonna be doing these things,
But I won't walk you through a step by step.
If you haven't downloaded, the resource is yet. Be sure to go to the resource tab on this course and download those because you will find step by step lab guys for all of those labs in there.