Automated Vs. Manual Vulnerability Research
- Vulnerability scanners like Nessus or Metasploit can automate vulnerability research
- Can be open source or not
Vulnerability | Description |
---|---|
Security Misconfigurations | Due to developer oversight (exposing server information in messages between the application and an attacker) |
Broken Access Control | Accessing parts of an application that are not supposed to be accessible |
Insecure Deserialization | Insecure processing of data that is sent across an application. (Pass malicious code to the application) |
Injection | Inputting malicious data into an application (due to a failure to sanitize input) |
Remote code execution | Executing code on the remote machine |
Finding Manual Exploits
- Rapid7: Online, vulnerability and PoC
- GitHub: Public, unfiltered / unverified
- Searchsploit: Offline copy of Exploit-DB