Book Image

Network Vulnerability Assessment

By : Sagar Rahalkar
Book Image

Network Vulnerability Assessment

By: Sagar Rahalkar

Overview of this book

The tech world has been taken over by digitization to a very large extent, and so it’s become extremely important for an organization to actively design security mechanisms for their network infrastructures. Analyzing vulnerabilities can be one of the best ways to secure your network infrastructure. Network Vulnerability Assessment starts with network security assessment concepts, workflows, and architectures. Then, you will use open source tools to perform both active and passive network scanning. As you make your way through the chapters, you will use these scanning results to analyze and design a threat model for network security. In the concluding chapters, you will dig deeper into concepts such as IP network analysis, Microsoft Services, and mail services. You will also get to grips with various security best practices, which will help you build your network security mechanism. By the end of this book, you will be in a position to build a security framework fit for an organization.
Table of Contents (15 chapters)

Testing tools

We have already seen a list of various tools earlier in this chapter that we can use for performing web application security testing. In this section, we'll have a brief introduction to two such tools.

OWASP ZAP

OWASP ZAP is a multi-functional tool that can perform an array of tasks related to application security testing. It is capable of doing automated scanning as well and is extremely effective in manual testing and fuzzing. OWASP ZAP can be downloaded from https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project.

The following image shows the initial OWASP ZAP console. The left pane displays the site hierarchy, the right pane displays individual requests and responses, and the bottom pane displays...