In this course, you will learn how to deploy the Nexpose tool against a variety of different targets. You will create your own custom templates and tune them to create specific policies that match the target you are assessing.
Organizations, both big and small, suffer from countless vulnerability issues. In this course, Performing Network Vulnerability Scanning with Nexpose, you will learn the foundational knowledge of using the vulnerability scanning tool, Nexpose, to assess the risk and the attack surface of a machine and/or network. First, you will learn how to prepare your toolkit and setup your sample targets to perfect your skills with your tool. Next, you will discover how to setup, configure, and customize your tool so that the deployment of it is in an effective manner and you can accurately assess the attack surface and risk of the target. Finally, you will explore how to tune and customize the Nexpose scanner to assess and evaluate web applications that are running on a web server. When you’re finished with this course, you will have the skills and knowledge of using the Nexpose Vulnerability Assessment tool to assess the weaknesses and evaluate the risk of the targets and networks to the organization's overall risk needed to effectively identify potential attack vectors from an adversary, and take the required steps to mitigate the risk of these methods of attack.
Kevin Cardwell provides consulting services for companies throughout the world and is an adviser to numerous government entities across the globe. He is an instructor, technical editor, and author for computer forensics and hacking courses. He is author of Building Virtual Pentesting Labs for Advanced Penetration Testing, first and second edition.
Course Overview Hi everyone. My name is Kevin Cardwell, and welcome to my course, Vulnerability Analysis with Nexpose. I am a freelance consultant and for more than 25 years I have been conducting vulnerability assessment tests for clients around the world. I have assessed banks, as well as many government institutions. This course will teach you how to use Nexpose to conduct a vulnerability assessment and to take the results of this and identify the risk to a system and/or network and mitigate this risk to an acceptable level. Additionally, you will learn to customize and integrate the scanning tool with the exploit framework Metasploit. In this course, we're going to install Nexpose on Windows and Linux, learn how to integrate Nexpose with the Metasploit tool, customize Nexpose policy templates to get maximum results, and perform web application scanning. By the end of this course, you will know how to use Nexpose to scan a variety of different targets and the process to customize your templates to perform scans based on analysis of the threat environment. Before beginning the course, you should be familiar with networks and IP addresses, as well as virtualization concepts and vulnerability analysis concepts as well. From here you should feel comfortable diving into security courses with courses on ethical hacking and penetration testing. I hope you'll join me on this journey to learn the critical skills for vulnerability assessments with the Vulnerability Analysis with Nexpose course at Pluralsight.