Showing posts from April, 2023

Nikto: Definition, Features and Disadvantages

What is Nikto? Nikto is an open source (GPL) web server scanner which performs tests against 6700 potentially dangerous files and programs. Nikto also checks for outdated versions of over 1250 servers. It is created by David Lodge and Chris Sullo and its first version is released on 27, December 2001. It is written in the Perl programming language. It checks for the presence of multiple index files and HTTP server options. Features of Nikto 1. It can find SQL injection, XSS, and other common vulnerabilities. 2. It can identify installed software via headers, favicons, and files. 3. It can also guess the subdomains of the scanned domain. 4. The reports generated by it can be exported as plain text, XML, HTML, and CSV format. 5. It can be integrated with Nessus. 6. It exports to Metasploit. 7. It can be auto paused at a specific time. 8. It can be easily updated via the command line. 9. It includes support for SSL (HTTPS) websites. 10. It has full HTTP proxy support. Disadvantage o

Nessus: Definition, Architecture and Features

What is Nessus? Nessus is a proprietary vulnerability scanner developed by Tenable Inc. Nessus is an open source (under GPL license) network vulnerability scanner that has a database of common vulnerabilities which is matched with the vulnerabilities of the system. Nessus works by testing each port on the server/computer and then finding any potential vulnerabilities. Architecture of Nessus 1. Modular Architecture It provides flexibility to the tester to deploy the scanner and connect to the client from any machine with a web browser. 2. Plugin Architecture It provides flexibility to the tester to add plugins and groups into one of 42 families. Through this, users can easily add their test by selecting specific plugins. Features of Nessus Nessus is written in NASL language which is Nessus Attack Scripting Language which is designed specifically to write security tests easily and quickly. Nessus has an inbuilt feature of auto-updating its database which helps to update and disclos

Vulnerability Assessment: Definition, Types and Importance

What is Vulnerability Assessment? The process of identifying security voids and weaknesses in an information system is known as vulnerability assessment. It checks and evaluates the suspected vulnerabilities in a system and provides information about its severity that is whether it is low, high, or critical, and suggests a way to mitigate them. Threats like SQL injection, XSS injection, DoS attack, etc on a system can be prevented by vulnerability assessment. Types of Vulnerability Assessment 1. Host Assessment It includes vulnerability assessment of servers, workstations, and other network hosts. This assessment examines ports and services that the host is using. 2. Network Assessment It includes vulnerability assessment of public and private networks on which the system is connected. This type of assessment can also detect vulnerabilities in wired and wireless networks. 3. Database Assessment It includes vulnerability assessment of databases or big data systems. This assessment i

Phases of Incident Response Plan in Cybersecurity

An Incident response plan contains a series of phases that address a suspected data breach. Each phase contains some set of instructions that should be followed while implementing an incident response plan. Phases of Incident Response Plan  1. Preparation  This is the first phase of the incident response plan. In this phase, we ensure that the employees are properly trained and ready to deal with any security incident. We assign incidence response roles and responsibilities to each employee according to his skill. Also, in this phase, we conduct mock security, incidents in order to evaluate the capabilities of employees. 2. Identification In this phase, we identify the security incident on an organization's computer system. We also check how many systems are affected and their severity level. We also try to find out the source of that attack and analyze its degree of input on our computer systems and network. 3. Containment In this phase, we ensure that the breach does not spre