Chapter 12

Using the Appropriate Vulnerability Assessment and Penetration Testing Methods and Tools

This chapter covers the following topics:

  • Methods: This section covers static analysis, dynamic analysis, side-channel analysis, reverse engineering including software and hardware, wireless vulnerability scans, software composition analysis, fuzz testing, pivoting, post-exploitation, and persistence.

  • Tools: This section describes SCAP scanners, network traffic analyzers, vulnerability scanners, protocol analyzers, port scanners, HTTP interceptors, exploit frameworks, and password crackers.

  • Dependency Management: This section examines the importance of managing dependencies to software development security.

  • Requirements: This section covers scanning ...

Get CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.