Vulnerability Mapping
Vulnerability Types
Today, three main classes of vulnerabilities exist from which a clear distinction can be made. The three classes are:
- Design vulnerabilities: These will be discovered via weaknesses that result from software specifications. These are by far the most cumbersome to resolve, since they require patches to be applied based on security requirements given by the pentester
- Implementation vulnerabilities: Whenever glitches within software code are discovered, they are classified here.
- Operational vulnerabilities: These vulnerabilities will result from improper configuration and deployment of software.
Vulnerability Scanning with Kali Linux
Tool : SQL Map
SQLMap is a neat tool within Kali Linux that is capable of performing various SQL injection tests against a couple of databases such as PostgreSQL, MSSQL, Oracle and MySQL. It is capable of detecting as well as exploiting the detected flaws, making it a very common tool for attackers and testers.
Leave a Reply