Vulnerability scanning
Once you have gathered the necessary information, it's time to start performing some additional research around the vulnerabilities that exist. Vulnerability scans are done using software such as Nessus and OpenVAS, to name a couple. Typically, a vulnerability scanner will have signatures that tie into specific vulnerabilities. Once the scanner has been run and completed, you will be presented with a report that shows all the vulnerabilities related to a specific system. Vulnerability scanners are only able to detect the known vulnerabilities; anything that is unknown will not be detected by the vulnerability scanner. Vulnerability scanners are crucial to have within your penetration testing toolkit. They often expose vulnerabilities that you might have overlooked.
Let's take a look at a few vulnerability scanners that you can use in your penetration tests.