Chapter 12

Using the Appropriate Vulnerability Assessment and Penetration Testing Methods and Tools

This chapter covers the following topics:

  • Methods: This section covers static analysis, dynamic analysis, side-channel analysis, reverse engineering including software and hardware, wireless vulnerability scans, software composition analysis, fuzz testing, pivoting, post-exploitation, and persistence.

  • Tools: This section describes SCAP scanners, network traffic analyzers, vulnerability scanners, protocol analyzers, port scanners, HTTP interceptors, exploit frameworks, and password crackers.

  • Dependency Management: This section examines the importance of managing dependencies to software development security.

  • Requirements: This section covers scanning ...

Get CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial