✔️ Identify vulnerabilities and security misconfiguration

✔️ Prepare yourself for the exploitation phase

🟥 What is Vulnerability Assessment?

• a phase in the Lifecycle of a Penetration Test
• client can ask for just Vulnerability Assessment instead of full pentest
• Our duty to understand client's needs and help them decide accordingly.

• Just a scan on the vulnerabilities we find, therefore it is...
• We don't proceed into exploitation meaning...
• Linear process, how?
• Vulnerability Assessments can be carried out in 2 ways:

🟦 Vulnerability Scanners

• how do they work?
• what all do scanners probe on:

Scanners' database are always up-to-date

• some vulnerability scanners:
• How and why to test manually (instead of a vuln scanner)?
• How would you study custom applications?