Computer Science > Research Paper > CMIT 321 Ethical Hacking/ Penetration Test Proposal Deliverable 3: Gaining Access Plan (All)

CMIT 321 Ethical Hacking/ Penetration Test Proposal Deliverable 3: Gaining Access Plan

Document Content and Description Below

Course Number and Section: CMIT 321 6386 Instructor: Professor Collins Date: September 29, 2019 Gaining Access Overview The gaining access phase is the phase where the vulnerability is ... exploited with tools designed to circumvent controls that may be in place to mitigate against malicious tools. Gaining access is instrumental to the entire process. Vulnerable Resources There are many vendors and open source repositories that can be used to research vulnerabilities. The national Vulnerability Database (NVD) is a repository of vulnerabilities. You can search statistics as well as get full listings of vulnerabilities. Another open source repository is the Exploit Database. The Exploit Database is a repository of vulnerabilities that is broken down and sorted. You can sort the data to give you the latest exploits that have a high likelihood of not being mitigated or covered via patching. The Common Vulnerabilities and Exposures (CVE) site is a free searchable site of disclosed cyber security vulnerabilities. All of the main anti-virus vendors use the CVE naming convention when referring to vulnerabilities. If you know what mitigation software a company is using you can get a list of the latest update and what CVE’s are covered, meaning that they are vulnerable to others not covered in the updates. The MITRE ATT&CK website breaks down the categories and gives examples of ways to gain access, escalate privilege, collect data, or execute command and control, just to name a few. Techniques and Software [Show More]

Last updated: 3 years ago

Preview 1 out of 2 pages

Buy Now

Instant download

We Accept: