Vulnerability Assessment is a core phase in offensive security and penetration testing, focused on identifying, analyzing, and understanding weaknesses within a target environment before exploitation.
This section consolidates theoretical foundations and practical techniques used during vulnerability assessment, bridging reconnaissance data with security analysis. The emphasis is not solely on automated tools, but on understanding what constitutes a vulnerability, why it exists, how it can be abused, and how it impacts the attack surface.
This section contains distilled notes from my Hack The Box – Pentesting Path study.
Full repository (expanded notes, diagrams, screenshots):
https://github.com/lameiro0x/pentesting-path-htb
Introduction
Network enumeration is the phase where you discover what is reachable, what is listening, and how a system responds to probes. This is where you build a map of the target and decide which services are worth deeper testing. A clean approach saves time, reduces noise, and prevents the test from stalling later. The goal is not just to find open ports, but to understand how each service behaves and what it reveals.
...
Security Assessments
Security assessments identify weaknesses in systems and processes. They provide evidence so teams can patch, mitigate, or remove risk. Clear scope and objectives keep the assessment useful and safe. Reports should be actionable for both technical and business teams.
Security Assessment Overview
Most assessments look for vulnerabilities, but depth varies by type. Some are checklist driven while others simulate real attacks. The choice depends on regulations, risk tolerance, and resources. Understanding the differences prevents mismatched expectations.
...
SQLMap Overview
SQLMap is an open source penetration testing tool written in Python that automates SQL injection detection and exploitation. It connects to a target, probes parameters, fingerprints the back-end DBMS, and then enumerates data or attempts deeper impact. The tool is designed to speed up SQLi workflows while still providing the evidence you need for reporting.
SQLMap covers the full exploitation chain in one interface. It can enumerate databases, tables, columns, and users, extract data, and even interact with the file system when the DBMS allows it. It also has features for proxying traffic, adjusting risk, and bypassing common defenses.
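The parameter probing described above leaves recognisable traces in web server logs, which is what a blue team reviewing the engagement (or a tester checking their own noise) will look for. The following Python is an added example, not code from these notes or from the SQLMap project: it scans constructed Combined Log Format lines for the three probe families (boolean-, time- and UNION-based) and for SQLMap's default User-Agent string. The log layout, the sample lines and the signature list are assumptions for illustration.

```python
import re
from typing import Dict, List, Optional
from urllib.parse import unquote

# Constructed sample lines in Combined Log Format (not real traffic). The
# second line carries the "sqlmap/..." User-Agent the tool sends by default
# unless the tester overrides it; the others are injection-style probes.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /item.php?id=3 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Jan/2024:10:00:02 +0000] "GET /item.php?id=3%20AND%201%3D1 HTTP/1.1" 200 512 "-" "sqlmap/1.7"
10.0.0.9 - - [01/Jan/2024:10:00:03 +0000] "GET /item.php?id=3%20AND%20SLEEP%285%29 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Jan/2024:10:00:04 +0000] "GET /item.php?id=3%20UNION%20SELECT%20NULL%2CNULL HTTP/1.1" 500 128 "-" "curl/8.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Heuristic signatures for the probe families an SQLi scanner cycles through.
# Applied after URL-decoding; an assumed, non-exhaustive list for triage.
PROBE_SIGNATURES = {
    "boolean-based": re.compile(r"\b(AND|OR)\s+\d+\s*=\s*\d+", re.I),
    "time-based": re.compile(r"\b(SLEEP|BENCHMARK|WAITFOR)\b", re.I),
    "union-based": re.compile(r"\bUNION\b.*\bSELECT\b", re.I),
}


def classify(line: str) -> Optional[Dict[str, object]]:
    """Return a finding for one log line, or None if nothing looks like a probe."""
    m = LOG_RE.match(line)
    if not m:
        return None  # unparseable line: skip rather than guess
    decoded = unquote(m["path"])
    reasons = [name for name, rx in PROBE_SIGNATURES.items() if rx.search(decoded)]
    # Weak signal on its own: the User-Agent is trivially changed by the client.
    if "sqlmap" in m["ua"].lower():
        reasons.append("sqlmap user-agent")
    if not reasons:
        return None
    return {"ip": m["ip"], "path": decoded, "status": int(m["status"]), "reasons": reasons}


def scan(log_text: str) -> List[Dict[str, object]]:
    """Scan a whole log and return every flagged line, in order."""
    return [hit for hit in map(classify, log_text.splitlines()) if hit]
```

Repeated hits from one source in a short window are the stronger indicator; a single matching line can just as easily be a legitimate query string.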
...