Chapter 12

Using the Appropriate Vulnerability Assessment and Penetration Testing Methods and Tools

This chapter covers the following topics:

  • Methods: This section covers static analysis, dynamic analysis, side-channel analysis, reverse engineering (both software and hardware), wireless vulnerability scans, software composition analysis, fuzz testing, pivoting, post-exploitation, and persistence.

  • Tools: This section describes SCAP scanners, network traffic analyzers, vulnerability scanners, protocol analyzers, port scanners, HTTP interceptors, exploit frameworks, and password crackers.

  • Dependency Management: This section examines why managing dependencies matters to software development security.

  • Requirements: This section covers scanning ...

Get CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide now with the O’Reilly learning platform.
