Having identified the most viable attack methods, you need to consider how you will access the target. During vulnerability analysis, you combine the information that you’ve learned from the prior phases and use it to understand what attacks might be viable. Among other things, vulnerability analysis takes into account port and vulnerability scans, data gathered by banner grabbing, and information collected during intelligence gathering.
| Assessment Categroy | Bookmarks |
|---|---|
| Network Assessment | |
| Web Application Assessment | |
| Database Assessment |
- http://www.exploit-db.com/
- http://www.cvedetails.com/
- http://packetstormsecurity.com/
- http://www.securityfocus.com/bid
- http://nvd.nist.gov/
- http://osvdb.org/
- http://cve.mitre.org/
- http://sec.jetlib.com/
- http://0day.today/
- https://www.seebug.org/
- https://www.rapid7.com/db/
- http://zerodayinitiative.com/advisories/published/
- http://exploitsearch.net/
- http://nvd.nist.gov/download/nvd-rss-analyzed.xml
- http://www.intelligentexploit.com/
- https://wpvulndb.com/
- http://www.wordpressexploit.com/
- http://www.drupalexploit.com/
- http://www.openwall.com/lists/oss-security/
- http://exploitsearch.net/
- https://www.vulnerability-lab.com/