Scribd
Upload
9 views7 pages

Module 02 Lab Assignment 1

Uploaded by

Samuel Suala Makambo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
9 views7 pages

Module 02 Lab Assignment 1

Uploaded by

Samuel Suala Makambo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

Lab Assignment Number 4

Lab Assignment Name Vulnerability Analysis

Fig 1 The search results appear, scroll down to view the underlying vulnerabilities in the
target service (here, SMB). You can click any link to view detailed information on the
vulnerability as shown in the screenshot.

.
Fig2. Run docker run -d -p 443:443 –-name openvas mikesplain/openvas command to
launch OpenVAS, Firefox browser appears, go to https://127.0.0.1/. OpenVAS login page
appears, log in with admin/admin as shown in the screenshot.
Fig3. In the Task Wizard we need enter the target IP address in the IP address or
hostname field and then click Start Scan button.

Fig4. Detailed information regarding selected vulnerability appears, as shown in the


screenshot.

Fig5. run sgpt --chat nikto --shell “Launch nikto to execute a scan against the URL
www.certifiedhacker.com to identify potential vulnerabilities.” to launch Nikto scan on the target
website.
Fig5. Scan result appears displaying the discovered vulnerabilities in the target website (here,
www.certifiedhacker.com), as shown in the screenshot.

Fig6. run sgpt --chat vuln --shell “Perform vulnerability scan on target url
http://www.moviescope.com with Nmap” command to perform vulnerability scan on the target
website. The result appears displaying open ports and services running on the target website.
Fig7. Run sgpt --chat vuln --shell “Perform a vulnerability scan on target url
http://testphp.vulnweb.com with skipfish” to scan the target URL using skipfish tool.
Fig7. The skipfish begins scanning the target url. After the successful completion of the scan, report
is saved at the /tmp/skipfish_scan_output/ location, named as index.html. Navigate to the
location, right-click on index.html and open with Firefox ESR Web Browser, as shown in the
screenshot.

Fig7. Firefox browser window appears displaying the complete scan report, as shown in the
screenshot.
Lab Observations/ Scanning Networks

In this lab, I learned to perform host discovery using Nmap (nmap -sn -PR [Target IP Address] -
sn: disables port scan and -PR: performs ARP ping scan). Explore various network scanning
techniques using Nmap (Zenmap - nmap -sT -v [Target IP Address] -sT: performs the TCP
connect/full open scan and -v enables the verbose output (include all hosts and ports in the
output)). Perform OS discovery using Nmap Script Engine (NSE), scan beyond IDS/firewall using
various evasion techniques, perform network scanning using various scanning tools, and scan a
target network using Metasploit. I also learned to perform Network Scanning using AI (ShellGPT).

You might also like