Using the Appropriate Vulnerability Assessment and Penetration Testing Methods and Tools
This chapter covers the following topics:
Methods: This section covers static analysis, dynamic analysis, side-channel analysis, reverse engineering including software and hardware, wireless vulnerability scans, software composition analysis, fuzz testing, pivoting, post-exploitation, and persistence.
Tools: This section describes SCAP scanners, network traffic analyzers, vulnerability scanners, protocol analyzers, port scanners, HTTP interceptors, exploit frameworks, and password crackers.
Dependency Management: This section examines the importance of managing dependencies to software development security.
Requirements: This section covers scanning ...