Network Vulnerability Assessment

During a network Vulnerability Assessment, Feisty Fox Security aims to identify and report on identified vulnerabilities within scoped systems. The identification and exploitation process will occur in an interactive pattern to ensure a wide coverage of the systems.

Within this task under the Rules of Engagement we will:

  • Enumerate system information such as operating system versions, application versions, and service configurations;
  • Browse the relevant services to identify those with inappropriate configuration allowing anonymous or unregulated access;
  • Scan each host and service for publicly disclosed vulnerabilities and configuration weaknesses;
  • For key servers, specifically, analyse server configuration to identify issues such as unnecessary modules and services, misconfigured administrative services, default files and sample pages;
  • Detection of default configurations;
  • Detection of sample or demo code;
  • Application controls against malicious user input;
  • Vulnerabilities in the middleware layer; and
  • Research both internal Feisty Fox Security proprietary as well as public vulnerability repositories for suspected security weaknesses.